Authentication
Access the Steam authentication system with Heathen's Steam API
Like what your seeing?
Support us as a GitHub Sponsor and get instant access to all our assets, exclusive tools and assets, escalated support and issue tracking and our gratitude. These articles are made possible by our GitHub Sponsors ... become a sponsor today!
Introduction
using API = HeathenEngineering.SteamworksIntegration.API;public static class API.AuthenticationThe Authentication API will use the Server or Client version of Valve's Steam API as required. It is not separated into a .Client or .Server version like other APIs as all features are exactly the same between them.
The Authentication has both client and server interfaces that are identical. Heathen's Steam API wrap's these in a single call which will call the appropriate client or server interface for you based on the build type in Unity.
What can it do?
The Authentication interface can be used to generate and validate session tickets. This is most commonly used with Steam Game Server but can also be used to for inventory verification or other similar verified processes.
Related Objects
Fields and Attributes
Active Tickets
Tickets this player has sent out.
Active Sessions
Sessions the player has started.
Methods
IsAuthTicketValid
Determines if the provided ticket handle is valid
EncodedAuthTicket
Encodes a ticket to hex string format
This is most commonly used with web calls such as https://partner.steamgames.com/doc/webapi/ISteamUserAuth#AuthenticateUserTicket
GetAuthSessionTicket
Requests a new Auth Session Ticket
CancelAuthTicket
Cancels the auth ticket rather its client or server based.
BeginAuthSession
Starts an authorization session with the indicated user given the applied auth ticket
EndAuthSession
Ends the auth session with the indicated user if any
UserHasLicenseForApp
Checks if the user owns a specific piece of Downloadable Content (DLC).
EndAllSessions
Ends all tracked sessions
CancelAllTickets
Cancels all tracked tickets
How To
Get a new ticket
To authenticate the user who needs to be authenticated will first get a ticket and then send that data to the entity that will be doing the authentication ... so typically a client gets a ticket and sends it to a server.
The act of sending your ticket data to your server or the other client that wishes to authenticate you is up to your networking solution. Rather that is Mirror, MLAPI, Forge, etc. you will need to send the ticket.Data to that user.
Target Steam ID
Valve added a new parameter to the Get Authentication Ticket process where its necessary to identify who the ticket is intended for. The targetSteamId parameter is simply that the Steam ID of the user or Steam Game Server that will be using the ticket.
Begin a session
When ticket data is recieved you need to begin the auth session with that user and confirm the status of that session.
You can find details on the possible values for the EBeginAuthSessionResult result here:
Ending it
Rather from the authenticated user or the authenticating system a session should be ended when its no longer needed.
To cancel a ticket you sent out
To cancel all tickets you sent out
To end a session you started
To end all sessions you started
Review open tickets and sessions
Your systems should maintain track of its tickets and sessions however the Authenticaitton API does keep a record of all active sessions and tickets.
Do not add or remove tickets or sessions manually
the API.Authentication.ActiveTickets and API.Authenticaiton.ActiveSessions lists can be used to iterate over the active tickets and sessions as required.
Last updated