Bryan Wagstaff suggested an idea · Aug 03, 2021 at 02:00 AM · apisAuthentication
There are several existing feature requests and forum posts, but it still needs correction.
It is not enough to have security authentication tokens expire after 24 hours. The current recommendation seems to be to drop them and hope they aren't accidentally reused, or worse, maliciously replayed or stolen. The fact that we cannot expressly invalidate them remains an enormous security flaw.
There needs to be a logout function to explicitly declare "this session is over" and invalidate the token.
We would love to know what you need. Submit your ideas and upvote others to help us prioritize.
No one has followed this yet.
Get PlayFab IDs from Nintendo Service Accounts
New Client call/params to get new FB token
Enhance results from GrantItemsToUser().
Add Removed Items from Consume Platform Entitlements APIs
GetMatch ticket info passed to the GSDK
Add GrantedCurrencies field to RedeemCouponResult
Improvement of the add-on "Apple" and PlayFabClientApi for validation of purchases for MacOSX.