I'd like to avoid trusting the client by preventing it to use LoginWithCustomID(). But Playfab API doesn't provide a loginWith*() function for every provider. (namely Origin or GOG)
Here's what I'd like to do:
- Client call the third-party provider for a token
- Client send that token to a CloudScript function
- CloudScript function ask the third-party provider if the token is legitimate
- CloudScript function log the client
- CloudScript function return PlayfabId and Session ticket to the client
- Client call PlayfabSettings::staticPlayer->HandlePlayFabLogin() with the info
Problem: a CloudScript function requires a logged in user.
Is there a way around this issue or do I need to host my own webservice in place of the CloudScript function ?