Skip to main content

SSO & Auth

The SSO & Auth tab in the Players section is where you configure which authentication providers players can use to sign into your project. Only enabled providers are accepted — any sign-in attempt through a disabled provider will be rejected.

To open it: navigate to Players → SSO & Auth in the project sidebar.


Overview

The page lists all available authentication providers. Each provider shows its current status and, when expanded, its configuration fields.

The header displays how many providers are currently enabled out of the total available — for example, 2 of 6 providers enabled.

Providers fall into two categories:

Standard providers require you to supply credentials from the provider's developer console. PlayServ uses these to validate authentication on the backend.


Providers

Sign in with Google accounts via OAuth 2.0.

1

Get credentials from Google Cloud

Go to console.cloud.google.com and open or create a project. Navigate to APIs & Services → Credentials and create an OAuth 2.0 Client ID with application type Web application.

2

Enter credentials in PlayServ

Copy the Client ID and Client Secret into the corresponding fields in PlayServ.

FieldDescription
Client IDOAuth 2.0 client identifier from Google Cloud console
Client SecretOAuth 2.0 client secret from Google Cloud console
Redirect URIGenerated by PlayServ — read only
3

Add the Redirect URI to Google

Copy the Redirect URI shown in PlayServ and add it to the list of Authorised redirect URIs in your Google Cloud OAuth app, then save the changes in Google Cloud.

4

Test and enable

Click Test connection to verify the credentials are accepted, then toggle the provider on.


Testing a connection

Each standard provider has a Test connection button that appears when the provider row is expanded. Use it after entering credentials to verify that PlayServ can reach the provider before enabling it.

tip

Test the connection before enabling the provider. A misconfigured provider that is enabled will silently reject all sign-in attempts through that method.


End-to-end testing with Test Tools

PlayServ includes a built-in Test Tools page that lets you run a full authentication flow against your live backend without writing any code.

Open it via the Test sign-in button in the top-right of the Player authentication header on the SSO & Auth page, or navigate directly to dashboard.playserv.com/test-tools.

Test Tools page — provider cards awaiting probe

1

Get your Public SDK key

You need a Public SDK key (pk_...) to use Test Tools. This key is shown only once — at the moment it is created in the PlayServ dashboard.

Save your token dialog — the only moment the Public SDK key is shown

If you did not save it when it was created, generate a new key in SDK Key Management. Once closed, the token cannot be retrieved.

2

Enter the key in Test Tools

Paste your Public SDK key into the Public SDK key field at the top of the Test Tools page.

The key already carries the project and environment — no project ID is needed separately. The tool calls GET /api/v1/auth/providers and activates the cards for all providers that are currently enabled and configured in your project.

3

Run the authentication flow

Click the card for the provider you want to test. Each card drives the full sign-in flow end-to-end.

Google SSO opens the Google consent screen → callback → returns player_id and session_token.

Apple Sign-in opens the Apple JS SDK popup → /apple/verify → returns player_id and session_token.

Epic Online Services drives the Epic /start → callback → returns player_id and session_token.

4

Verify the result

After a successful sign-in the tool displays the issued player_id and session_token. These are real credentials — the player account is created in your project if it did not exist before.

note

Facebook SSO is listed in Test Tools as Coming Soon — the test harness is not yet available for that provider.


Enabling and disabling providers

Each provider has a toggle on the right side of its row. Providers are enabled or disabled independently.

  • Toggling a provider off immediately stops accepting sign-ins through it. Players who previously authenticated via that provider will not be able to log in again until it is re-enabled.
  • Toggling a provider on makes it available as a sign-in method as soon as the credentials are valid and the connection is verified.

Coming soon

The following providers are listed in the SSO & Auth tab but are not yet available:

PlayServ Webhook (PlayServ-native) — your auth server calls PlayServ. Use this when you already have your own login UI and want to delegate token issuance to PlayServ.

PlayServ Auth Token (PlayServ-native) — the SDK passes a signed token. Use this when you mint JWTs server-side and pass them directly into the SDK.


Next steps