question

Jon avatar image
Jon asked

Restore Account with Facebook

I'm setting up a way for users to restore their account using facebook login and wondering the best practices.

We are using frictionless login (android / iOS) for all players.

Players then have an option to link with facebook in settings menu.

If no existing link, then successfully complete. Playfab account is now linked to facebook profile.

If there is an existing linked playfab account, then the player has two options

1) Overwrite existing link

2) Restore data from existing linked playfab account (this will link the current device to the existing linked playfab account). This option should orphan the current playfab account the player is logged in with.

So this way the player can only play on "one" device at a time. If they restore from facebook then it should prevent the other device from logging into that playfab account right?

PhoneA -> frictionless login -> creates AccountA (linked to PhoneA)

PhoneA -> login with fb -> links fb with AccountA

PhoneB -> frictionless login -> creates AccountB (linked to PhoneB)

PhoneB -> login with fb -> restore data from linked AccountA (links accountA with PhoneB as well)

Now accountA is linked to fb + PhoneB

AccountB should be considered orphaned

if PhoneA is used again, then frictionless login will create a NEW playfab account (call it AccountA-1)

Is there better way to do this? Or are the orphan accounts avoidable, etc.

Thanks

10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

·
Seth Du avatar image
Seth Du answered

I believe you are already on the right track, but you may note that a PlayFab player account can be linked to multiple devices, and we will suggest appending a randomly generated string to the original device ID. So that when the phone’s ownership is changed, people won’t be able to log into the same account.

Linking multiple identity to the same account will have certain behavior. Take Android as an example, after 2 devices are linked, you may only see the lasted device ID in Game Manager, or via GetAccountInfo API. But You may still use any of them to login. It is not a big deal, but you should know it. And feel free to send a thread on Feature request forum: https://community.playfab.com/spaces/24/index.html

In your scenario, you may have some more modification.

  1. PhoneA -> frictionless login -> creates AccountA (linked to PhoneA – ID will be like [deviceA ID]#[randomString] )
  2. PhoneA -> login with fb -> links fb with AccountA
  3. PhoneB -> frictionless login -> creates AccountB (linked to PhoneB – ID will be like [deviceB ID]#[randomString])
  4. PhoneB -> login with fb -> restore data from linked AccountA. In many games on the market, the client will prompt a window, which indicates the comparison of 2 accounts(gaming progress, etc.). You may use something like PlayFabClientInstanceAPI in C#/Unity to handle the multiple logins. After the player chooses to restore. You may configure the ForceLink property in LinkAndroidDeviceID Request so that Account B will be an orphan account. Be aware that you still hold the session ticket and entity token of it, and you may use Azure function to call Admin API DeleteMasterPlayerAccount. Surely, this is not necessary because there is no account quantity limits in a paid tier subscription.

Meanwhile, I believe your current plan is fine, and the only thing you may notice is that making sure when linking the ID, it should be a comparatively unique device ID.

4 comments
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Jon avatar image Jon commented ·

Thanks, that is very helpful. We will incorporate the random string into the device ID.

If we wish to only allow 1 device to be linked to the account at a time, is the correct way to do it to unlink the old one first?

I am a bit confused by the API result from GetAccountInfo:

https://docs.microsoft.com/en-us/rest/api/playfab/client/account-management/getaccountinfo?view=playfab-rest#userandroiddeviceinfo

How does it store two device ID for android / ios, etc? If it's hidden, how can we remove the old android device id? Thanks

See that it returns:

AndroidDeviceInfo User Android device information, if an Android device has been linked
AndroidDeviceId
  • string
Android device ID
0 Likes 0 ·
Seth Du avatar image Seth Du ♦ Jon commented ·

Yes, the previous id will be hidden, and only the latest identity will appear in the result.

If the previous Device ID is missing, and the new device ID already has been linked to the current player account, theoretically the player will need to unlink one by one in a reversed order.

If you want to avoid this situation, you may implement client-side code logic and let the current account unlink the previous device ID so that the player can link another.

1 Like 1 ·
Jon avatar image Jon Seth Du ♦ commented ·

So you can only retrieve the latest identity?
Is there a way to retrieve all identity for a type? (android, ios, etc)

The reason is: I don't want to unlink the old identity until the new device can be linked.

Clientside:

1) store old identity (A)

2) make request to link new identity (B)

3) make request to unlink old identity (A) <-- let's say this step fails, 5xx or 4xx

Now user account is in a state when A and B can both login to the account.

0 Likes 0 ·
Show more comments

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.