Hello, I'm trying to provide my players with a way to delete their accounts and data due to GDPR. I found this in the documentation which requires me to enable admin API calls from the unity client, but I read that is not safe to use them as the client has access to my API key. I do not count with custom servers and I'm not sure what kind of internal tools I could use.
As you said, it’s unsafe to add the secret key to clients. For your case, you can call the Admin APIs on Azure Functions, then give players the access of the deleting methods. For clarification, there are two types of player deletion APIs on PlayFab. The API DeleteMasterPlayerAccount is designed to delete the players’ master accounts and all associated data. If your studio only has one title, or you want to remove the specific player account from your studio entirely, you can use this API. The API DeletePlayer is used to remove the players account from the current title. If you publish multiple games under one studio and only want to delete the player account from one title, you can call this API. Both can be called on Azure Functions. Please check our documentation - https://docs.microsoft.com/en-us/gaming/playfab/features/automation/cloudscript-af/quickstart to learn about how to integrate Azure Functions with PlayFab.
8 People are following this question.
