Question Cross auth on Apple device and webGL using Apple SignIn

Hi!

I would like to use Apple SingIn to sync the player progress on Apple devices and on browser (webGL).

As far as I read, the only way is to use OpenID Connect together with the token received from Apple SignIn operation.

What I do now:
- for Apple devices I use the normal Apple SignIn process, receive the token and send it to UGS using
SignInWithOpenIdConnectAsync. In UGS I have an OpenID Connect Identity Provider (IdentityProvider1) added with my app bundle id. Everything works perfectly, and I get user A

- for webGL, I created my Apple account a new ServiceId, that I'm using for Apple SignIn process in browser to get the token. I send this token to UGS using SignInWithOpenIdConnectAsync.
In UGS I have another OpenID Connect Identity Provider (IdentityProvider2) added with my serviceId bundle id. Everything works perfectly for signIn process but a new user B is created instead of linking me to user A.

After decoding both tokens the "sub" (subject) field values are the same and I was expecting to point to the same user.

What do I need to do to get this behaviour?

I did the same thing previously in Playfab and it worked (but the setup for Playfab was a hell).

Cristi

 

Thanks for reply davialbuquerque! Everything you said make sense!

I'm not sure how to add both the WebGL (service id) and Apple devices (app id) into the same OIDC provider.
I tried to add both in "Client ID" field separated by ";" or by " " and my singin request is rejected with 401,

{"title":"PERMISSION_DENIED","detail":"invalid audience","details":[],"status":401}

What's the correct way to add multiple Client IDs?

 

Is there a way, using UGS, Apple App Id (for native app sign in with Apple) and Apple Service Id (for web sign in with Apple), to connect to the same user?

Unfortunately, the app id and service id are unique ids, that will result in 2 OIDC entries in UGS dashboard.

I'm blocked on this topic and, for cross-platform (ios<->web browser) this is a dead end ... looks like UGS has no support here.

 

There is a closed beta going on for the so called "Unity Player Accounts", where a player can sign up with email/password or by using "Sign in with Apple" respectively the google equivalent. This might be what you are looking for.

 

Thank you MiTschMR for reply! I'm looking forward to see the new feature "Sign in with Apple". I'm interested in becoming a part of this close beta .

Still, inside same project, UGS should group OIDC providers based on issuer and targeting the same UGS user based on sub, or to allow developers to group OIDC providers the way we need.

Maybe Apple is a special case, but this is the way Apple is doing their sign in stuff and we need to find ways to workaround it.