Google's new API introduced "Silent Sign-In". Basically, it allows Google Play Games Services (GPGS) login without any user interaction. The condition for this to work is that you cannot ask for any further user information other then the ServerAuthCode, or else a pop-up will appear asking the user for permission.
This is a feature we would really like to use in your games, we would be able to have the great majority of users logged in to GPGS. In our older games, that require user interaction, we only get around 30-40% players logged in.
I also believe silent logins will be a tendency in new games, as google recomends it as a good practice:
"The most common use case for authentication is to use the DEFAULT_GAMES_SIGN_IN option. This option enables your game to use the games profile for the user. Since a user's games profile only contains a gamer tag that your game can display like a name, and an avatar for a image, the actual identity of the user is protected. This eliminates the need for the user to consent to sharing any additional personal information reducing the friction between the user and your game.
Note: The only Google sign-in option that can be requested which only uses games profile is requestServerAuthCode(). All others, such as requestIDToken() require the user to consent to additional information being shared. This also has the effect of preventing users from having a zero-tap sign-in experience.
Since there can only be one user account signed in at a time, it's good practice to attempt a silent sign-in when the activity is resuming. This will have the effect of automatically signing in the user if it is valid to do so"
Source: https://developers.googleblog.com/2017/11/migrating-to-new-play-games-services.html"
General audience apps should implement silent sign-in to help players get quickly authenticated and authorized to use the full set of features provided by the Google Play games services. If silent sign-in fails, your app should prompt players to sign in interactively."
"Remove any unneeded scopes from your GoogleSignInOptions
construction along with any APIs you no longer use.
For example, you should not request G+ scopes when creating your Google sign-in client. This will avoid requiring new users to unnecessarily (1) create G+ accounts, and (2) review additional consent screens."
Source: https://developers.google.com/games/services/checklist
The problem here is, PlayFab requires this ID Token, which cannot be retrieved while using this new silent sign-in. Google now keeps a separate ID for GPGS and for Google Plus. To protect user privacy, games only receive the GPGS ID in the silent sign-in. Can't PlayFab authenticate the user using only the provided GPGS ID, instead of requiring the user's Google Plus profile? Thus, removing the need to ask for user consent in sharing his Google Plus profile information.
PS: We are using Unity5, but I believe this matter concerns all game engines.