PlayFab
If your game is built with PlayFab, integrating SCILL is easy and straightforward.
Integrate SCILL into PlayFab auth
SCILL integrates into existing user authentication systems and does not store any private user data. All items within SCILL are linked to an external user id that you provide.
Some SCILL endpoints require an access token. This is required if your game client directly communicates with the SCILL backend. In these unsecure areas, hackers could extract your API-Key and use it to hack or manipulate their state within your application (faking challenge progress for example). To prevent this, your client asks your backend to generate an access token which then uses an API based SCILL backend to create and sign the access token. In subsequent calls to client APIs you just send the access token instead of the API key to securely identify the user and your game.
If you are using PlayFab Authentication the access token can be generated securely by adding a CloudScript function to your PlayFab CloudScript repository:
// This function generates a SCILL access token for the current PlayFab user.
// More info can be found here: https://developers.scillgame.com/api/authentication.html
handlers.generateSCILLAccessToken = function (args, context) {
// Set your API Key created in the SCILL Admin Panel
var scillApiKey = "ai728S-1aSdgb9GP#R]Po[P!1Z(HSSTpdULDMUAlYX";
var headers = {
"Authorization": "Bearer " + scillApiKey
};
// Provide the current playfab id as the user_id. Please make sure to use the
// same user_id when sending events from the backend and use the generated
// access token on client side
var body = {
user_id: currentPlayerId
};
// Prepare request to SCILL cloud
var url = "https://us.scill.4players.io/api/v1/auth/access-token";
var content = JSON.stringify(body);
var httpMethod = "post";
var contentType = "application/json";
// The pre-defined http object makes synchronous HTTP requests to SCILL cloud
var response = http.request(url, httpMethod, content, contentType, headers);
var parsedData = JSON.parse(response);
// Return the access token as a string
return parsedData.token;
};
Get Access Token in Game
Using the PlayFab SDK in your game you can use the PlayFabClientAPI.ExecuteCloudScript function to execute CloudScripts
and getting back the result. In the cloud function provided above, the result is the access token as a string.
Unity
In the Unity SDK the SCILLManager class sets up SCILL, generates
an access token and handles the lifetime of other SCILL classes. The default implementation of SCILLManager uses
the SCILLBackend to create an access token using the API key within
the game. This is not recommended for production use, at this exposes the API key to the client.
To use the PlayFab authentication and CloudScript created earlier, create a new subclass of SCILLManager
and override the GenerateAccessToken function like shown below:
// The default SCILLManager implementation creates access token in client - which is not recommended for production
public class MySCILLManager : SCILLManager {
// Override SCILLManager class with custom implementation
public override IPromise<string> GenerateAccessToken(string userId)
// Execute cloud script created earlier and either return access token or error
PlayFabClientAPI.ExecuteCloudScript(new ExecuteCloudScriptRequest()
{
FunctionName = "generateSCILLAccessToken", // name of function created in PlayFab cloud
GeneratePlayStreamEvent = true
},
(ExecuteCloudScriptResult result) =>
{
// Return the access token returned by the cloud function back to the SCILLManager to set up everything
return Promise<string>.Resolved(result.FunctionResult);
},
(PlayFabError error) =>
{
return Promise<string>.Rejected(error.errorMessage);
});
}
}
Unreal
In Unreal, use the PlayFab SDK to wire up a Blueprint that executes the PlayFab login and wire the PlayFab user id to the SCILLClient blueprint component.
The whole process is described in the Unreal Getting Started Guide