question

eswitzer07 avatar image
eswitzer07 asked

Proper Syntax for TitlePolicy

Hi,

Currently trying to setup the title policy to block the client API call for Client.LoginWithCustomID. I have the following syntax:

	{
        "Action": "*",
        "Effect": "Deny",
        "Resource": "pfrn:api--/Client/LoginWithCustomID",
        "Principal": "*",
        "Comment": "The default allow profile child access",
        "Condition": null
   	}

However when saving the API Features I get the following error "Failed to save new global policy: Invalid action * in statement."

Looking at https://api.playfab.com/documentation/Admin/datatype/PlayFab.Admin.Models/PlayFab.Admin.Models.PermissionStatement it says the only supported action is "Execute". I tried that as well, but it throws the following error "Failed to save new global policy: Invalid action Execute in statement."

What is the proper syntax for this? Am I setting this up incorrectly?

1 comment
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

jital avatar image jital ♦ commented ·

Can you post more of the surrounding code you are using? I was able to copy and paste what you had posted into Postman and had a successful call.

postmansuccess.png

0 Likes 0 ·
postmansuccess.png (24.1 KiB)

1 Answer

·
eswitzer07 avatar image
eswitzer07 answered

Edit: For some reason I'm unable to submit a reply to jital. Posting an answer as that seems to be the only way I'm able to reply.

This is my full snippet:

[
    {
        "Action": "*",
        "Effect": "Allow",
        "Resource": "*--*",
        "Principal": {
            "ChildOf": {
                "EntityType": "namespace",
                "EntityId": "B257F73D91708725"
            }
        },
        "Comment": "The default allow title in namespace full access",
        "Condition": {
            "CallingEntityType": "title"
        }
    },
    {
        "Action": "*",
        "Effect": "Allow",
        "Resource": "pfrn:data--*![SELF]/Profile/*",
        "Principal": "[SELF]",
        "Comment": "The default allow profile self access",
        "Condition": null
    },
    {
        "Action": "*",
        "Effect": "Allow",
        "Resource": "pfrn:data--*![SELF]/Profile/*",
        "Principal": {
            "ChildOf": {
                "EntityType": "[SELF]"
            }
        },
        "Comment": "The default allow profile child access",
        "Condition": null
    },
    {
        "Action": "*",
        "Effect": "Deny",
        "Resource": "pfrn:api--/Client/LoginWithCustomID",
        "Principal": "*",
        "Comment": "The default allow profile child access",
        "Condition": null
    }
]

However running with just the code snippet results in the same error above. Note, Im doing this in the Settings/APIFeatures section of the game Manager. Not pushing this information through a function.

1 comment
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Seth Du avatar image Seth Du ♦ commented ·

The thing is you cannot use this format to update "ENTITY GLOBAL TITLE POLICY" (API policy is a different thing). There is no detailed public documentation for Entity Title Policy for now.

If you want to update API policy, please use Admin API: UpdatePolicy, to get current API policy, try to use GetPolicy

0 Likes 0 ·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.