I have 101 questions about Entities, starting with tokens and groups... let's begin.
Has documentation on Policy been made available yet?
Can I call any of the Entity methods from CloudScript? I know I can use PlayFabCloudScriptAPI.ExecuteEntityCloudScript but it seems that it just bypasses CloudScript and calls the Entity method.
I'd like to call GetEntityToken from CloudScript to get a 'title' level auth token so I don't store the X-SecretKey on our client app. It's at least one level of security abstraction to help to avoid issues.
We're trying to use Entity Groups to manage lists of Friends for a few aspects of our app. I'd like to be able to allow the entity that creates a Group (the group admin) to be able to add other players to their group (a list of all of their Facebook friends that also have PlayFab linked accounts) without having to go through the Invite/Accept steps. I know if I set the policy properly I can allow this behavior, but I don't know exactly how to setup this policy, and I don't want to 'experiment' as we're close to release and don't want to mess things up mucking around with undocumented features. That's where the question about GetEntityToken come in, we apparently need a 'title' account to provide some features we'd like to implement with Entity Groups.
We use GetPlayFabIDsFromFacebookIDsRequest to retrieve player's PlayFabId from their Facebook friend's Id, but the returned PlayFabId is a master_player_account, and the entity system needs title_player_account. So we try to use GetProfile to retrieve the title_player_account but we don't have permissions set properly, round and round we go.
We're tentatively trying to release by the end of this month, so waiting for the new Entity system update isn't an option. I have the code written that's manages these aspects of Friends lists utilizing Groups except for modifying Policy, so that's really where I need the most help at the moment.
Summary
1. CloudScript to call GetEntityToken with X-SecretKey (in cloudscript handler as to not have X-SecretKey on the client app).
2. use GetProfile with master_player_account PlayFabId to get the title_player_account PlayFabId to add that player to a group and invite/apply to group with proper title_player_account PlayFabId.
3.Use 'title' level level auth token to be able to allow 'group admins' to add a list of facebook friends to a group directly.
If we can get those things done, we'll be well on our way to having a working group management system.
Thanks for listening.