If I were to need to revoke the Developer Secret Key set in PlayFabSharedSettings.asset by the UnitySDK, how would I go about doing that? I don't see it in the Secret Keys section of the Web Portal / Game Manager for the title.
If I were to need to revoke the Developer Secret Key set in PlayFabSharedSettings.asset by the UnitySDK, how would I go about doing that? I don't see it in the Secret Keys section of the Web Portal / Game Manager for the title.
Can I ask why you are wanting to revoke the key? If you have security concerns, you may note Marco's response in this thread regarding the safety of the secret key in Unity builds:
"You'll notice that DeveloperSecretKey is not even available at compile time if these pre-processor directives ENABLE_PLAYFABSERVER_API || ENABLE_PLAYFABADMIN_API || UNITY_EDITOR
This means that the .asset file will not contain any information for developer secret key when compiled as a GameClient. The property is not hidden, it simply does not exist if Server or Admin are not enabled.
So you shouldn't worry, you are not exposing the developer secret with client builds."
To reiterate, be sure to disable the Admin and Server API settings in the PlayFab Editor Extensions window in Unity for your final client build, as discussed in this thread.
Ya we are aware of that thread. We had recently seen an incident where a dev accidentally published their key to an open-source repo for an asset they were developing. It got us to thinking about all the things that can go wrong (accidentally publishing the key to an open-source repo, accidentally having the server api checked in a client build, accidentally showing the key during a live stream of game development, etc.). Point is there is a lot that can go wrong and mistakes do happen. We just wanted to know how to swiftly revoke our key if Murphy's Law ever decided it wanted to give us a hard time.
You can navigate to https://developer.playfab.com/en-US/r/t/[YourTitleId]/settings/secret-keys, check the box of the corresponding secret key, then click the delete button.
@Sarah Zhang @TCROC Unfortunately, the key generated in the Unity SDK (specifically, the key available in the Editor Extension) is not populated in Title Settings. From what I can find, as far back as 2017, it was in the works to update the Web UI to include the key generated by EdEx, but that doesn't seem to be the case today. It looks like the only way to ensure the key you're using can be revoked is to manually generate the key and assign it in your code.
5 People are following this question.
