Windows
This article guides you through setting up Apple as an identity provider, enabling your Windows game to access Player Network authentication services.
Prerequisites
1. Set up the Apple app on the Apple Developer Platform
1. Create a Services ID
If you are using an existing Services ID, select the corresponding Services ID from the Identifiers page, enable Sign in with Apple under Edit your Services ID Configuration, then click Configure to continue with step 6.
Log in to the Apple Developer Platform. From the top navigation bar, click Account, then select Identifiers under Certificates, IDs & Profiles.
Click the blue add icon (+).
Select Services IDs and click Continue.
Enter the Description and Identifier.
- Description: The name or description of the game app.
- Identifier: The unique identifier.
Under Capabilities, enable Sign in with Apple and click Configure.
Under Return URLs, add the redirect links provided by Player Network, then click Save.
- North America: https://na-webproxy.intlgame.com/v2/webproxy/appleredirect
- Singapore and other regions: https://sg-webproxy.intlgame.com/v2/webproxy/appleredirect
- Testing: https://test-webproxy.intlgame.com/v2/webproxy/appleredirect
- aws-North America: https://aws-na-webproxy.intlgame.com/v2/webproxy/appleredirect
Click Continue > Register to create the Services ID.
2. Create a private key to access services
Create a private key used to calculate the client_secret
and the corresponding Key ID.
In the Certificates, Identifiers & Profiles sidebar, select Keys.
Click the the blue add icon (+).
Under Key Name, enter a unique name for the key.
Select the checkbox next to Sign in with Apple, and click Configure.
Under Primary App ID, select the app ID created in the previous step and click Save.
Click Continue.
Click Register to generate the key, and note down the Key ID.
Click Download to download the key file (CAN ONLY BE DOWNLOADED ONCE, DO NOT LOSE IT) which is saved as a text file with a .p8 file extension.
3. Get the Team ID
- Log in to the Apple Developer Platform.
- In the top navigation bar , tap Account and scroll down to find Membership details to view your team ID.
For more information about configurations on Apple Developer Platform, see What the Heck is Sign In with Apple?.
- Create an account for Player Network Console.
- Create a new project for your game, or join an existing one.
- Download the SDK.
- Integrate the SDK.
- Add Apple as an authentication method for your project on Player Network Console.
Step 1: Configure the SDK for Apple login
Open the project's INTLConfig.ini:
[Apple]
APPLE_WEB_APP_ID = {INTL_APPLE_WEB_APP_ID}
- Replace
{INTL_APPLE_WEB_APP_ID}
with the Apple Web APPLICATION ID of the game.
Step 2: Add Apple login
- It is not possible to test Apple login on a re-signed package. It is recommended to use TestFlight or Dev package.
- Apple login does not provide
PictureUrl
(User avatar URL). For more information, see INTLAuthResult for Unity and FINTLAuthResult for UE.
Passing email
and fullName
as login permission parameters to the Login
API:
- During first login, the username can be edited and an option to hide email is available (Fig 1).
email
andfullName
can be obtained from the callback.- If the player chose to hide their email, a random address will be returned.
- If the player chose to share their email, the actual email address will be returned.
email
andfullName
will not be returned on subsequent logins, and the login interface (Fig 2) will not provide options to edit username or hide email.- If the user stops the app from using the Apple ID and then logs in again, the interface will show the options in Fig 1.
Players can go to Settings > [Your Username] > Password and Security > Apps using Apple ID > [App Name] > Stop using Apple ID to stop or allow apps to use Apple ID for login.
When the Login
method login permission parameters pass in null strings, the login interface will not provide options to edit username and hide email (Fig 2). In the callback, the email
and fullName
fields are null.
Fig 1:
Fig 2:
Add an observer to handle authentication callbacks.
- Unity
- Unreal Engine
// Add callbacks
public void AddAuthObserver()
{
INTLAPI.AddAuthResultObserver(OnAuthResultEvent);
}
// Remove callbacks
public void RemoveAuthObserver()
{
INTLAPI.RemoveAuthResultObserver(OnAuthResultEvent);
}
// Process the INTLAuthResult callback
public void OnAuthResultEvent(INTLAuthResult ret)
{
Debug.Log($"MethodID: {ret.MethodId}");
string methodTag = "";
if (authRet.MethodId == (int)INTLMethodID.INTL_AUTH_LOGIN)
{
methodTag = "Login";
}
else if (authRet.MethodId == (int)INTLMethodID.INTL_AUTH_BIND)
{
methodTag = "Bind";
}
else if (authRet.MethodId == (int)INTLMethodID.INTL_AUTH_AUTOLOGIN)
{
methodTag = "AutoLogin";
}
else if (authRet.MethodId == (int)INTLMethodID.INTL_AUTH_QUERY_USER_INFO)
{
methodTag = "QueryUserInfo";
}
else if (authRet.MethodId == (int)INTLMethodID.INTL_AUTH_GET_AUTH_RESULT)
{
methodTag = "GetAuthResult";
}
}C++ Event Handling (above v1.15)
//configure callback
FINTLAuthEvent authEvent;
authEvent.AddUObject(this, &OnAuthResult_Implementation);
UINTLSDKAPI::SetAuthResultObserver(authEvent);
// Remove callbacks
UINTLSDKAPI::GetAuthResultObserver().Clear();void OnAuthResult_Implementation(FINTLAuthResult ret)
{
UE_LOG(LogTemp, Warning, TEXT("MethodID: %d"), ret.MethodId);
}Unreal Event Handling
void OnAuthResult_Implementation(FINTLAuthResult ret)
{
UE_LOG(LogTemp, Warning, TEXT("MethodID: %d"), ret.MethodId);
}Call the
AutoLogin
method.- Unity
- Unreal Engine
INTLAPI.AutoLogin();
UINTLSDKAPI::AutoLogin();
Call the
Login
method to ask for user input if auto-login fails.- Unity
- Unreal Engine
INTLAPI.Login(INTLChannel.Apple);
UINTLSDKAPI::Login(EINTLLoginChannel::kChannelApple);
Sync client authentication state with the game's backend and wait for the final authentication result.
[Optional] Set up email permissions
Player authorization is required to obtain the email address for Apple, and will not be available if player authorization is refused, see Passing email
and fullName
to the Login
API for more information.
Set up permissions to obtain the email address of players during Apple login, returned as email
in the ChannelInfo
of AuthResult
.
- Email masking can be performed on the returned
email
according to compliance requirements, reach out to the Player Network representative to enable this feature. - The hashed
base64(sha256(email))
can be reported to the backend logs, reach out to the Player Network representative to enable this feature. - Can be used to verify if
email
is present in a player's profile or third-party channel information, reach out to the Player Network representative to enable this feature.
Add
email
to thepermissions
parameter when calling the Login API.Enable email return on Player Network Console by setting return_email to YES, see Configure Third-party Channels for detailed procedures.
Step 3: Test the login function
Search for the keyword "AuthResult" in the Player Network SDK logs to verify if the correct channel name and OpenID are returned. If they are, it indicates a successful configuration and the login function has been added successfully.