Microsoft Azure PlayFab logo
    • Multiplayer
    • LiveOps
    • Data & Analytics
    • Add-ons
    • For Any Role

      • Engineer
      • Designer
      • Executive
      • Marketer
    • For Any Stage

      • Build
      • Improve
      • Grow
    • For Any Size

      • Solo
      • Indie
      • AAA
  • Runs on PlayFab
  • Pricing
    • Blog
    • Forums
    • Contact us
  • Sign up
  • Sign in
  • Ask a question
  • Spaces
    • PlayStream
    • Feature Requests
    • Add-on Marketplace
    • Bugs
    • API and SDK Questions
    • General Discussion
    • LiveOps
    • Topics
    • Questions
    • Articles
    • Ideas
    • Users
    • Badges
  • Home /
  • General Discussion /
avatar image
Question by Henry Lisowski · Mar 04, 2021 at 01:45 AM · In-Game EconomyContent

CDN Download Restrictions based on Player Inventory

I was wondering if there's a feature similar to Firebase where we can add simple restriction rules to objects in the CDN? Or maybe use cloudscript to hook into the GetContentURL calls to determine if a given user should be allowed to download something.

We're already using receipt validation on purchases of currency. Users use that currency to purchase items that end up in their inventory. Client side we check the users inventory, and if they own a given asset we then download that given asset from the CDN for them to use. Originally I thought this meant we were mostly safe from pirating (we see a lot of attempts to use spoofed receipts, but validation gets around that) however one of our users recently sent us a video of a cracked version they found of our app where they've subverted the "check player inventory" check and move straight to downloading.

Ideally we'd like to be able to add validation when attempting to download from CDN, I know CDN calls already require being logged in through playfab so ideally we should be able to add a check against that users inventory to see if they should be allowed to get it (again, similar to firebase database rules) but I've been unable to find anything.

Comment
Henry Lisowski

People who like this

1 Show 1
10 |1200 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users
avatar image Henry Lisowski · Mar 03, 2021 at 08:49 PM 0
Share

This would be great.

1 Reply

· Add your reply
  • Sort: 
avatar image
Best Answer

Answer by Sarah Zhang · Mar 05, 2021 at 06:40 AM

Yes, you can write the CloudScript to do the verification then give the URL to the users who meet the requirements. On CloudScript, you can do a judgement to confirm that the users already own the specific item. If the user passes the verification, you can call the server API GetContentDownloadUrl on CloudScript to retrieve the URL and return it to the user. If you need to improve security further, we would suggest you disable the access permission of Client API GetContentDownloadUrl. You can follow the steps of documentation -- API Access Policy to do it.

Comment

People who like this

0 Show 0 · Share
10 |1200 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Your answer

Hint: You can notify a user about this post by typing @username

Up to 2 attachments (including images) can be used with a maximum of 524.3 kB each and 1.0 MB total.

Navigation

Spaces
  • General Discussion
  • API and SDK Questions
  • Feature Requests
  • PlayStream
  • Bugs
  • Add-on Marketplace
  • LiveOps
  • Follow this Question

    Answers Answers and Comments

    2 People are following this question.

    avatar image avatar image

    Related Questions

    How do Limited Edition items interact with item containers? 1 Answer

    Using playfab to also build a whitelabel app store? 1 Answer

    What happens if a Title in Development mode overdraws its meters? 1 Answer

    Regenerating virtual currency timer doesn't stop after reaching maximum value 2 Answers

    Item to Currency Conversion 1 Answer

    PlayFab

    • Multiplayer
    • LiveOps
    • Data & Analytics
    • Runs on PlayFab
    • Pricing

    Solutions

    • For Any Role

      • Engineer
      • Designer
      • Executive
      • Marketer
    • For Any Stage

      • Build
      • Improve
      • Grow
    • For Any Size

      • Solo
      • Indie
      • AAA

    Engineers

    • Documentation
    • Quickstarts
    • API Reference
    • SDKs
    • Usage Limits

    Resources

    • Forums
    • Contact us
    • Blog
    • Service Health
    • Terms of Service
    • Attribution

    Follow us

    • Facebook
    • Twitter
    • LinkedIn
    • YouTube
    • Sitemap
    • Contact Microsoft
    • Privacy & cookies
    • Terms of use
    • Trademarks
    • Safety & eco
    • About our ads
    • © Microsoft 2020
    • Anonymous
    • Sign in
    • Create
    • Ask a question
    • Create an article
    • Post an idea
    • Spaces
    • PlayStream
    • Feature Requests
    • Add-on Marketplace
    • Bugs
    • API and SDK Questions
    • General Discussion
    • LiveOps
    • Explore
    • Topics
    • Questions
    • Articles
    • Ideas
    • Users
    • Badges