I was wondering if there's a feature similar to Firebase where we can add simple restriction rules to objects in the CDN? Or maybe use cloudscript to hook into the GetContentURL calls to determine if a given user should be allowed to download something.
We're already using receipt validation on purchases of currency. Users use that currency to purchase items that end up in their inventory. Client side we check the users inventory, and if they own a given asset we then download that given asset from the CDN for them to use. Originally I thought this meant we were mostly safe from pirating (we see a lot of attempts to use spoofed receipts, but validation gets around that) however one of our users recently sent us a video of a cracked version they found of our app where they've subverted the "check player inventory" check and move straight to downloading.
Ideally we'd like to be able to add validation when attempting to download from CDN, I know CDN calls already require being logged in through playfab so ideally we should be able to add a check against that users inventory to see if they should be allowed to get it (again, similar to firebase database rules) but I've been unable to find anything.