UPDATE: The logic below works and I have it running successfully. I'm going to betray my ignorance completely on this matter. I don't know what I'm doing at this point. I want to use Steam as my authentication layer for a multi-user game. My app is on there, unreleased, but my server is a headless c̶h̶i̶c̶k̶e̶n̶ dedicated process which will likely end up on Digital Ocean or AWS. My intention is: Client requests a secure token/ticket via ISteamUser::GetAuthSessionTicket Client connects, via UNET to server and passes the aforementioned ticket Use the ISteamUser Interface magic to find out extra details about the user On the server, use the Steam web API to validate token via ISteamUserAuth If client passes the check, proceed to instantiate them, grant chat privileges etc... If client fails, return some sort of error to them with useful feedback Everybody dance now I could really use some advice regarding the correct approach here. If someone's done this before, just a *nod* is all I need.