Photon Steam Authentication

Content

Application Setup

Adding Steam as an authentication provider is easy and it could be done in few seconds from your Photon Applications' Dashboard. Go to the "Manage" page of an application and scroll down to the "Authentication" section. If you add a new authentication provider for Steam or edit an existing one, here the mandatory settings:

  • apiKeySecret: Steam Publisher Web API key. Read more about how to get one here.
  • appid: ID of the Steam game. You can get one after going through Steam Direct process (formerly known as Steam Greenlight).
  • verifyOwnership: Can be true or false: Whether or not to enable Ownership Verification during authentication. This allows you to verify if the user really owns (purchased the game and has it in his library) the game. This step, if enabled, will be performed just after validating the user's session ticket. Enabling this may add extra delay in authentication, so enable it only if you really need it.
  • verifyVacBan: Can be true or false: Whether or not to check if the user has been banned using Valve's Anti-Cheat (VAC) during authentication. Read more here. Enabling this may add extra delay in authentication, so enable it only if you really need it.
  • verifyPubBan: Can be true or false: Whether or not to check if the user has been banned using a Publisher Ban during authentication. Read more here. Enabling this may add extra delay in authentication, so enable it only if you really need it.

Client Code

The client must use Valve's Steamworks API to get a session ticket. This ticket is proof that the client is a valid Steam user.

If you are using Unity or .NET you can use the free and open source wrapper Steamworks.Net.

Get Ticket

Use the following code to get a session ticket using the Steamworks API and convert it to a hex encoded UTF-8 string:

// hAuthTicket should be saved so you can use it to cancel the ticket as soon as you are done with it
public string GetSteamAuthTicket(out HAuthTicket hAuthTicket) 
{
    byte[] ticketByteArray = new byte[1024];
    uint ticketSize;
    hAuthTicket = SteamUser.GetAuthSessionTicket(ticketByteArray, ticketByteArray.Length, out ticketSize);
    System.Array.Resize(ref ticketByteArray, (int)ticketSize);
    StringBuilder sb = new StringBuilder();
    for(int i=0; i < ticketSize; i++) 
    {
        sb.AppendFormat("{0:x2}", ticketByteArray[i]);
    }
    return sb.ToString();
}

Send Ticket

The client must send the user's session ticket (after converting it to a hex encoded UTF-8 string) as a value of a query string key "ticket".

AuthenticationValues authValues = new AuthenticationValues();
authValues.AuthType = CustomAuthenticationType.Steam;
authValues.AddAuthParameter("ticket", SteamAuthSessionTicket);
authValues.UserId = SteamUser.GetSteamID().ToString(); // UserId is always required in Photon Chat
// do not set authValues.Token or authentication will fail
chatClient.Connect(chatAppId, chatAppVersion, authValues);

Cancel Ticket

It is recommended to cancel or revoke the ticket once authentication is done.

SteamUser.CancelAuthTicket(hAuthTicket);

 To Document Top