Hi, I am trying to grant player some items (Economy V2) once he is created (by using rules player_created). I am using playstram event to trigger a azure function for this. I am trying to add these items to players inventory by using server's entity token and developer access key but api is failing due to unauthorise entity token.
Because of this issue I started using entity token which is sent from playstream event and it is giving the same error.
Finally I had to add this API call on client side to get entity token from client which allowed me to add these items to inventory.
According to me this is very insecure and needs attention. I think executeInventoryOperation API should also be accessible by developer secret or server entity token. Otherwise Inventory which is very important part of any game cannot be controlled freely as it will always need clients intervention to work.
If this is already possible without clients intervention, please let me know how to do it.
Thanks in advance