Hi. I revoked all secret dev keys, because I released it with the app by mistake.
But I can still easily use AdminApi with DELETED KEY from my unity editor successfully.
My title id is 497EC.
Please can you tell me what is going on asap?
Thanks
Hi. I revoked all secret dev keys, because I released it with the app by mistake.
But I can still easily use AdminApi with DELETED KEY from my unity editor successfully.
My title id is 497EC.
Please can you tell me what is going on asap?
Thanks
I believe the deleting secret key is more like updating/deleting title data because it is a sharded. The time deletion synchronization takes to different shards is varies and when a server API is called, there is no guarantee that the target shard has been synced. Hence you may find different result (sometimes it shows the secret key is not valid, other time, it still returns the former result).
The synchronization will take few minutes and I have tested it in my title, and it takes 5 minutes to totally disable the deleted secret key.
Please inform us if it takes too long to disable it.
Still working next day :) It is far far more than 5 minutes
It is more than 12 hours past, and the key is still working fine. So, please look into it.
Hi @Derevyaga Nikolay, may I ask the business impact of this issue? If this secret key is not shared with others, I'd like to understand the impact to set an appropriate priority. Thank you.
I have released app into store with admin_api enabled, and app is pretty popular right now, so our playfab server is really vulnerable
3 People are following this question.