Microsoft Azure PlayFab logo
    • Multiplayer
    • LiveOps
    • Data & Analytics
    • Add-ons
    • For Any Role

      • Engineer
      • Designer
      • Executive
      • Marketer
    • For Any Stage

      • Build
      • Improve
      • Grow
    • For Any Size

      • Solo
      • Indie
      • AAA
  • Runs on PlayFab
  • Pricing
    • Blog
    • Forums
    • Contact us
  • Sign up
  • Sign in
  • Ask a question
  • Spaces
    • PlayStream
    • Feature Requests
    • Add-on Marketplace
    • Bugs
    • API and SDK Questions
    • General Discussion
    • LiveOps
    • Topics
    • Questions
    • Articles
    • Ideas
    • Users
    • Badges
  • Home /
  • API and SDK Questions /
avatar image
Question by developer-5 · Apr 28, 2021 at 01:25 AM · unity3dsdksAuthentication

Unity: Facebook Limited login

I need to login into Playfab with Facebook Limited Login (https://developers.facebook.com/docs/facebook-login/limited-login/unity/)
But I don't understand how to do that. So I receive from Facebook an Open ID token and insert it into AccessToken field of new LoginWithFacebookRequest() and I get an error with authentication. Also, I've already tried to log in with the function called LoginWithOpenIdConnect, but it doesn't work. Does Playfab support the new Limited Login from Facebook that includes the OIDC token?

By the way, we still using PlayFabClientAPI.LoginWithFacebook , but Apple released the new changes of IDFA, and we must use Facebook Limited Login that provides us the Open ID token. I'm not sure that Playfab supports that.

Comment

People who like this

0 Show 2
10 |1200 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users
avatar image SethDu ♦ · Apr 28, 2021 at 02:09 AM 0
Share

If you want to use open ID connection for login, have you configured the provider via CreateOpenIdConnection Admin API? Please refer to https://docs.microsoft.com/en-us/rest/api/playfab/admin/authentication/createopenidconnection?view=playfab-rest. Please also refer to the request template in Postman Collection.

avatar image developer-5 SethDu ♦ · Apr 28, 2021 at 07:25 AM 1
Share

Thanks for replying. Could you please explain, how to configure the fields: Issuer, ClientId, ConnectionId. Do I have to create an open id connection for each user? And I don't understand how to connect with it by Facebook Limited login. I receive an access token(JWT) from Facebook SDK. I understand how to use LoginWithOpenID, but I haven't found any information about configuring the Open ID Connect.

1 Reply

· Add your reply
  • Sort: 
avatar image
Best Answer

Answer by Jay Zuo · Apr 30, 2021 at 09:18 AM

Why the Playfab's function LoginWithFacebook doesn't work when I use Facebook Limited Login that contains JWT?

This is because LoginWithFacebook is built on top of Facebook's Graph API. However, Limited Login returns an AuthenticationToken that wraps an OpenID Connect token. The ID token cannot be used to request additional data using the Graph API, such as friends, photos, or pages (Ref from: https://developers.facebook.com/docs/facebook-login/limited-login).

So, LoginWithFacebook won't work with Limited Login. Instead, as Limited Login mode is based on the OpenID Connect standard, we can use LoginWithOpenIdConnect here.

Firstly, you will need to add a new connection like the following:

Client ID should be your Facebook App ID and Client secret is your App Secret.

After saving this, you can then try to login with using AuthenticationToken.TokenString as IdToken:

{
    "ConnectionId": "FacebookLimitedLogin",
    "CreateAccount": true,
    "IdToken": "eyJhbGciOi..._8ItFw",
    "TitleId": {{TitleId}}
}

Please note, with above method, we can only log the Facebook user in, even you've enabled "user_friends" premission, the friend information still won't take effect in APIs like GetFriendsLis, GetFriendLeaderboard as in these APIs, the Facebook friends are got from Graph API.

Note:

1. By default, PlayFab will check the nonce and token nonce reuse is not permitted. Nonce values must be unique, and after use are invalid until the expiry of the OpenID Connect token or PlayFab token, whichever comes first.

So, please either use unique nonce in LoginWithTrackingPreference or check "Ignore nonce" in your OpenId Connection setting and set nonce to null in LoginWithTrackingPreference.

2. Facebook has changed their Issuer to "https://www.facebook.com". Please do not use "https://facebook.com" as above picture and also make sure you are using an new SDK support this. More details, see Facebook Limited Login issuer doesn't match OpenID configuration (attempt 2) - Facebook for Developers.


rycos.png (28.3 kB)
Comment
developer-5

People who like this

1 Show 15 · Share
10 |1200 characters needed characters left characters exceeded
▼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users
avatar image developer-5 · May 07, 2021 at 09:19 AM 0
Share

Thank you so much! I will try this method and tell if everything is successful. Probably it will help someone else.

avatar image developer-5 · Jun 16, 2021 at 01:49 PM 0
Share

Unfortunately, nothing helped me. I had created an open id connect and then configured request properties in a code as needed(ConnectionId: "FacebookLimitedLogin", "IdToken": received from Facebook Limited login; So I login to Facebook with limited login successfully, but error sends from Playfab: error AuthenticateFacebook into Playfab. No idea how to fix it. In my view, Playfab Open ID Connect doesn't work with Token which sets from Facebook Limited Login.

avatar image Jay Zuo ♦ developer-5 · Jun 17, 2021 at 03:31 AM 1
Share

Could you share the code you are using? As in my test, LoginWithOpenIdConnect can work with Facebook Limited login without any issue.

avatar image developer-5 Jay Zuo ♦ · Jul 07, 2021 at 07:49 AM 0
Share

Here is a link to see the code (characters limit here)

Show more comments
Show more comments
avatar image Jay Zuo ♦ developer-5 · Jul 08, 2021 at 08:54 AM 0
Share

OK, I'd believe the problem here is the nonce you've used in LoginWithTrackingPreference. By default, PlayFab will check the nonce and token nonce reuse is not permitted. Nonce values must be unique, and after use are invalid until the expiry of the OpenID Connect token or PlayFab token, whichever comes first.

So, you can either use unique nonce in LoginWithTrackingPreference or check "Ignore nonce" in your OpenId Connection setting and do not set nonce in LoginWithTrackingPreference.

avatar image Jay Zuo ♦ Jay Zuo ♦ · Jul 08, 2021 at 10:18 AM 1
Share

For unique nonce, you can just use a GUID string.

Show more comments

Your answer

Hint: You can notify a user about this post by typing @username

Up to 2 attachments (including images) can be used with a maximum of 524.3 kB each and 1.0 MB total.

Navigation

Spaces
  • General Discussion
  • API and SDK Questions
  • Feature Requests
  • PlayStream
  • Bugs
  • Add-on Marketplace
  • LiveOps
  • Follow this Question

    Answers Answers and Comments

    4 People are following this question.

    avatar image avatar image avatar image avatar image

    Related Questions

    Cant Login to facebook on android build 1 Answer

    "Google oauth no id token included in response" error using Cross Platform Native Plugins 1 Answer

    Do I need to login every time when I reopen my game ? 1 Answer

    DeviceUniqueIdentifier in Unity SDK 1 Answer

    Using Unity 2018.3 and Google Play Games for Unity 0.9.50 breaks LinkGoogleAccount 1 Answer

    PlayFab

    • Multiplayer
    • LiveOps
    • Data & Analytics
    • Runs on PlayFab
    • Pricing

    Solutions

    • For Any Role

      • Engineer
      • Designer
      • Executive
      • Marketer
    • For Any Stage

      • Build
      • Improve
      • Grow
    • For Any Size

      • Solo
      • Indie
      • AAA

    Engineers

    • Documentation
    • Quickstarts
    • API Reference
    • SDKs
    • Usage Limits

    Resources

    • Forums
    • Contact us
    • Blog
    • Service Health
    • Terms of Service
    • Attribution

    Follow us

    • Facebook
    • Twitter
    • LinkedIn
    • YouTube
    • Sitemap
    • Contact Microsoft
    • Privacy & cookies
    • Terms of use
    • Trademarks
    • Safety & eco
    • About our ads
    • © Microsoft 2020
    • Anonymous
    • Sign in
    • Create
    • Ask a question
    • Create an article
    • Post an idea
    • Spaces
    • PlayStream
    • Feature Requests
    • Add-on Marketplace
    • Bugs
    • API and SDK Questions
    • General Discussion
    • LiveOps
    • Explore
    • Topics
    • Questions
    • Articles
    • Ideas
    • Users
    • Badges