Skip to main content

Requirements

  • Playtolia SDK (with Authentication enabled)

Authentication API

Playtolia Authentication API provides secure login and session management for your players. The API supports multiple authentication strategies including automatic login prompts, manual authentication flows, and session state management. Use PlaytoliaAuth to handle user authentication, manage login dialogs, and listen to authentication state changes.

Authentication strategies

If you have “Authentication Required” enabled

Playtolia will display a login dialog as soon as the PlaytoliaGameObject you’ve placed in your scene becomes active.
This authentication strategy doesn’t require further manual setup. However, most of the time asking your players to login as soon as the game starts is not great for user experience.We recommend using PlaytoliaAuth APIs to customize when and where the login prompt will appear.

If you have disabled “Authentication Required”

You might want to display a trailer, display a demo level, or simply ask for login after your player has progressed in the game. In that case you must disable the “Authentication Required” checkbox from your Playtolia Settings (in the project settings) and prompt login manually. PlaytoliaAuth.cs is a high-level wrapper to interact with auth related components. You can use PlaytoliaAuth.cs to prompt login, retrieve user session or listen to authentication state changes.

Prompting login

Import the PlaytoliaSDK.Runtime to your script by adding the using directive
LoginButton.cs
using PlaytoliaSDK.Runtime;
Call the PromptLogin function inside another function. Pass a boolean value to specify if the login dialog will be dismissable.
LoginButton.cs
public void PromptLoginNonDismissable()
{
    PlaytoliaAuth.PromptLogin(false);
}

public void PromptLoginDismissable()
{
    PlaytoliaAuth.PromptLogin(); // or PlaytoliaAuth.PromptLogin(true);
}
If you prompt a dismissable login, the player can tap on the scrim (background) or close button on the dialog to cancel the login. If you prompt a non-dismissable login, Playtolia will prevent the player from closing the login dialog. This also blocks the player from interacting with the game scene (dialogs block the touch interaction with your scene).

Getting the auth state

AuthState is a simple object that holds access token, refresh token, and expiration info. In order to get the AuthState from your C# code, you can use GetState function.
AuthHelper.cs
public bool IsUserLoggedIn()
{
    return PlaytoliaAuth.GetState() != null;
}

public string GetAccessToken()
{
    var authState = PlaytoliaAuth.GetState();
    return authState?.AccessToken;
}

Understanding AuthState structure

The AuthState object contains essential authentication information:
  • AccessToken: JWT token for API authentication
  • RefreshToken: Token used to refresh the access token
  • Expiration: Unix timestamp when the access token expires
  • RefreshTokenExpiration: Unix timestamp when the refresh token expires
AuthStateInfo.cs
public void DisplayAuthInfo()
{
    var authState = PlaytoliaAuth.GetState();

    if (authState != null)
    {
        Debug.Log($"Access Token: {authState.AccessToken}");
        Debug.Log($"Refresh Token: {authState.RefreshToken}");
        Debug.Log($"Token Expires: {DateTimeOffset.FromUnixTimeSeconds(authState.Expiration)}");
        Debug.Log($"Refresh Expires: {DateTimeOffset.FromUnixTimeSeconds(authState.RefreshTokenExpiration)}");

        // Check if token is close to expiring
        var currentTime = DateTimeOffset.UtcNow.ToUnixTimeSeconds();
        var timeUntilExpiry = authState.Expiration - currentTime;

        if (timeUntilExpiry < 300) // Less than 5 minutes
        {
            Debug.Log("Token expires soon - will be refreshed automatically");
        }
    }
    else
    {
        Debug.Log("User is not authenticated");
    }
}

Listening to authentication changes

Authentication state can change during runtime due to:
  • Login: Player successfully authenticates
  • Token refresh: Automatic token renewal in the background
  • Logout: Player logs out or session expires
  • Network changes: Connection issues affecting authentication
To keep your game logic up-to-date, add listeners to PlaytoliaAuth:
UIMenu.cs
public void Start()
{
    PlaytoliaAuth.AddListener(() => {
        var state = PlaytoliaAuth.GetState();
        var isLoggedIn = state != null;

        // Set LoginMenu gameobject active, if the user is not signed in.
        LoginMenu.SetActive(!isLoggedIn);

        // Enable/disable game features based on auth state
        if (isLoggedIn)
        {
            EnableOnlineFeatures();
        }
        else
        {
            DisableOnlineFeatures();
        }
    });
}

void EnableOnlineFeatures()
{
    // Enable leaderboards, cloud saves, etc.
    Debug.Log("Online features enabled");
}

void DisableOnlineFeatures()
{
    // Switch to offline mode
    Debug.Log("Switching to offline mode");
}
Listening to changes in the auth state is very useful since player session may expire. The listener functions you’ve added will be called after any auth state change (including logins and token refresh). This is specifically useful to know when your player has logged in, to update the UI.

Managing logout

You can programmatically log out users and optionally prompt for re-authentication:
LogoutManager.cs
using PlaytoliaSDK.Runtime;
using UnityEngine;

public class LogoutManager : MonoBehaviour
{
    public void LogoutAndPromptLogin()
    {
        // Logout and immediately show login prompt
        PlaytoliaAuth.Logout(promptLogin: true);
    }

    public void LogoutSilently()
    {
        // Logout without showing login prompt
        PlaytoliaAuth.Logout(promptLogin: false);
    }
}

Canceling login flows

If you need to cancel an ongoing login process:
LoginController.cs
public void CancelLogin()
{
    PlaytoliaAuth.CancelLogin();

    // Handle canceled login state
    HandleLoginCanceled();
}

void HandleLoginCanceled()
{
    Debug.Log("Login was canceled by user");
    // Show guest mode options or retry button
}

Authentication providers

Playtolia supports multiple authentication providers that players can choose from: Google OAuth 2.0:
  • Seamless integration with Google accounts
  • Cross-platform support (Android & iOS)
  • Automatic profile information retrieval
Facebook Login:
  • Native Facebook SDK integration
  • Access to basic profile information
Apple Sign In:
  • Required for iOS apps (App Store guidelines)
  • Privacy-focused authentication
  • Hide My Email support
Discord OAuth:
  • Gaming-focused authentication
  • Discord profile integration
Email/Password:
  • Traditional authentication method
  • Custom registration flows
Anonymous/Guest Mode:
  • Temporary authentication
  • Local data storage
  • Easy upgrade to full account

Need to access user information?

Use the Session API to get detailed user information including username, email, and player ID.

Account Management

Create and manage in-game profiles. Use Sessions API to get or add avatar, name, and custom properties for your players.