I can spam thousands and thousands new user accounts only with my title id called from ClientAPI, and this title id can be exposed easily with some network capture tools. How can I protect my game server without using Enterprise Solution?
I can spam thousands and thousands new user accounts only with my title id called from ClientAPI, and this title id can be exposed easily with some network capture tools. How can I protect my game server without using Enterprise Solution?
You should turn off any API endpoints you're not using via our API permission policies: https://blog.playfab.com/blog/permission-policies
Thank you for answering that fast,
I have one more question: is logging in with encryption only available for Enterprise Package (as far as I read on you documents) ? Can Professional Tier get this feature too?
That's correct - using Base64 encoded data using a title RSA key is an Enterprise tier feature. If that's something you'd like to look into, please feel free to email us at devrel@playfab.com.
4 People are following this question.