Elements Manual
Elements 3 Manual
Elements 2 ManualElements 3 Manual
Elements 3 Manual
Elements 2 ManualElements 3 Manual
  • Welcome 👋
  • QUICK START
    • Elements in Five Minutes or Less
    • Accessing the Web UI (CRM)
    • Creating A User
  • General
    • General Concepts
    • N-Tier Architecture
    • Security Model
  • Core Features
    • Core API Overview
    • Sessions
    • Applications
    • Users and Profiles
    • Digital Goods
    • Progress and Missions
    • Leaderboards
    • Matchmaking
    • Followers
    • Friends
    • Reward Issuance
    • Save Data
    • Schemas and Metadata Specifications
    • Queries
      • Base Query Syntax
      • Boolean Queries
      • Object Graph Navigation
      • Advanced Operators
        • .ref
        • .name
    • Custom Code
      • Element Structure
      • RESTful APIs
      • Websockets
    • Auth Schemes
      • OIDC
      • OAuth2
  • Web 3
    • Omni Chain Support
    • Vaults
    • Wallets
    • Smart Contracts
      • Smart Contracts: Ethereum
      • Smart Contracts: Flow
      • Smart Contracts: Solana
      • Smart Contracts: Neo
  • CONFIGURATION
    • Direct Database Access and Batch Configuration
    • Batch Samples
      • Item Upload Bash Script Sample
      • Mission Upload Bash Script Sample
  • RESTful APIs
    • Swagger and Swagger UI
    • API Specification
      • /application
      • /application/configuration
      • /auth
      • /auth_scheme
        • /custom
        • /oauth2
        • /oidc
      • /blockchain
      • /followee
      • /follower
      • /friend
      • /google
      • /index
      • /inventory
      • /item
      • /large_object
      • /leaderboard
      • /rank
      • /score
      • /match
      • /mission
      • /progress
      • /reward_issuance
      • /schedule
      • /notification
      • /profile
      • /save_data
      • /metadata_spec
      • /mock_session
      • /session
      • /health
      • /version
      • /signup
      • /user
    • Javadocs
Powered by GitBook
On this page
  • OAuth2 Auth Scheme Anatomy
  • Steam Example
  1. Core Features
  2. Auth Schemes

OAuth2

When creating a new Session, you have the option to authenticate using a predefined OAuth2 Auth Scheme.

PreviousOIDCNextOmni Chain Support

Last updated 2 days ago

OAuth2 Auth Scheme Anatomy

OAuth2 Auth Schemes are comprised of:

  • the Scheme name

  • a Validation URL, which Elements will use to validate the token it receives

  • the Response Id Mapping, which Elements will use to get the user id from the validation request (see below for example)

  • a list of Headers and a list of Parameters for the validation request, which can be predefined, or sent from the client and filled in by Elements before making the validation request

Steam Example

One of the default OAuth2 Auth Schemes is for authenticating via Steam. We'll use this as an example as to how these can be used.

It will be necessary to have a registered application on Steam, as this process will require an application id.

The goal here is to have our client application retrieve an auth ticket from Steam, then to send that to Elements, which in turn will use the ticket to verify the corresponding user id.

First let's look at the auth scheme to determine what Elements is expecting:

{
            "id": "67d673f5131dde00b60e230a",
            "name": "Steam",
            "validationUrl": "https://api.steampowered.com/ISteamUserAuth/AuthenticateUserTicket/v1/",
            "headers": [
                {
                    "key": "x-webapi-key",
                    "value": "Copy from Steam publishing settings.",
                    "fromClient": false
                },
                {
                    "key": "Content-Type",
                    "value": "application/x-www-form-urlencoded",
                    "fromClient": false
                }
            ],
            "params": [
                {
                    "key": "appid",
                    "value": "Steam AppId (Sent from frontend)",
                    "fromClient": false
                },
                {
                    "key": "ticket",
                    "value": "Ticket from GetAuthSessionTicket (Sent from frontend)",
                    "fromClient": true
                },
                {
                    "key": "identity",
                    "value": "You define this when requesting the ticket. Must match frontend.",
                    "fromClient": false
                }
            ],
            "responseIdMapping": "steamid"
        }

We're basically telling it how to format the request that Elements will send to the authenticating server. In this case, we're telling Elements to expect the ticket to be sent from the client (the only header or parameter with fromClient as true), and that all other values will be preset in the scheme and stored within Elements.

When you make the call to GetAuthTicketForWebApi to retrieve the auth ticket, you pass in an identity value. This can be anything (or nothing), but must match on the client and server side.

Once you have the Session object, you're all set!

This assumes that you already have a process set up to retrieve the auth ticket, either manually as depicted in the , or through a client library, such as .

When we make a request against the endpoint, Elements will format a new request using the headers and params information in the scheme, and will send the request to the validationUrl defined in the scheme.

When Elements receives the response, it will use the responseIdMapping to look for a corresponding key, and will assume the value of this key is the user's id. If Elements retrieves the user id successfully, it will automatically associate this Steam user id with an Elements user, and return the object back to you.

Steam documentation
Steamworks.net
/auth/oauth2
Elements Session