doronhn avatar image
doronhn asked

understanding the authentication flow better, few questions

Hey all,

Thanks in advance for your help, your response time is great. but am working for like 20 hours on the all flow of the authentication and i read everything there is out there about the all API and etc.

My goal is to let my players the option to login with two types of login:

1. login with Facebok \ Google

2. login as a guest

- for both situation i want to create playfab account and link them to deviceID

the basic flow i had in mind is:
1. check if i keep local info about the user(last login method,PlayFab account and etc)

2. if he has info -> authenticate him via his provider (Facebok or Google) and authenticate him again via PlayFab (not sure i need that).

3. update my local info from his provider and update playfab as well

4. start play the game.


5. if i dont have info about the user, then show him the login screen and let him pick one of the types

6. then authenticate him via his provider (Facebok or google) and authenticate him again via PlayFab (not sure i need that).

7. create playfab account and save his data to local device

8. start play the game

i have few question that i want to be sure about them:

1. the flow i had in mind is make sense? is best practice? is ok?

2. how do i save the data on the deviceID?

3. why do i need playfab (if i save the data locally)?


Player Dataunity3dAuthentication
10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

brendan avatar image
brendan answered

Any login to PlayFab, for credentials that are not associated with an existing PlayFab account, will create a PlayFab account automatically if you have CreateAccount set to True. If you want to link the credentials to an existing PlayFab account, you would log into that account using the credentials already associated with it, and then use the appropriate Link... API call to link to it.

For your specific questions:

1. No, I would create the account using the Device ID first, then link Facebook/Google. This is described in our login best practices guide, here:

2. I'm not sure what this means. You can save any data you like locally, and you can sign into PlayFab using the Device ID. For a signed-in PlayFab account, you can save data either insecurely, direct from the client, or your can send it up to a Cloud Script call so that you can write it to read-only user data, and have whatever cheat checks you need in the script.

3. For a start, so that you have a cloud save of the player account, for purposes of moving from device to device. But there's a massive range of reasons beyond that - our feature list ( would be something to review. In addition to essentials like receipt validation for mobile titles, we have a complete set of LiveOps tools you can use to maximize the potential of your games.

10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

doronhn avatar image doronhn commented ·

Thanks for the answer, i did try to read and understand the best login, and i did saw the Youtube series for authentication.

so if i understand you correctly, the flow should be like this-

1. user start my app for the first time

2. user select provider to authenticate

3. i save his details locally.

4. i send API request to PlayFab to create account for this device id

5. i send API request to PlayFab to link the device id \ account to the provider.

until now the flow is ok?

what happen if the user is log in again? what is the flow?

0 Likes 0 ·
brendan avatar image brendan doronhn commented ·

Or instead of 2, you could simply and invisibly sign the user in - creating an account if needed - using the Device ID (or, on PC, a generated GUID you save locally). That would let you get the player into the gameplay without stopping to decide which provider to use to log in.

When you create a PlayFab account using the Login... API calls, that credential is already linked to the account. You don't have to additionally call the Link... endpoint.

When the user logs back in, just re-use the Device ID to log them in.

0 Likes 0 ·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.