Hi there,
I need my game servers to call an API which I am developing concurrently with the server. To authenticate those API calls I can see these options:
- Store API credentials as build-level environment variables i.e., an environment variable that applies to all servers for a particular build, whether they be active, on standby or yet to be created. I do not believe that PlayFab has this feature.
- Read API credentials from my Server.exe.config file. This is trivial to implement but has a major drawback: the build's lifetime is tied to the lifetime of those API credentials.
- Authenticate the Server using Playfab API calls.
- Something better/recommended that I have not thought of/come across.
Option 3 would look like this:
- When a server is created, generate some unique ID for it and log in with LoginWithServerCustomId, creating a new Playfab user account for the server
- Set a custom user ID string "trustMeI'maServer"
- Include the server's session ticket in calls to my API
- Have the API authoriser use AuthenticateSessionTicket to check that this call is being made from an account with the custom user ID string
I have 2 questions. Firstly, am I wrong about PlayFab not having build-level env vars? Secondly, is option 3 a good way to handle this?
Thanks!