Search Unity

  1. Welcome to the Unity Forums! Please take the time to read our Code of Conduct to familiarize yourself with the forum rules and how to post constructively.
  2. We have updated the language to the Editor Terms based on feedback from our employees and community. Learn more.
    Dismiss Notice

Question OpenID Connect Firebase Authentication error

Discussion in 'Authentication' started by Seforius, Jan 23, 2023.

  1. Seforius


    Jun 25, 2022
    Hello! I am a reasonably new developer attempting to sign into Unity Authentication with OpenID Connect in order to use other UGS like Cloud Save and Economy. After a bit of research, I managed to cobble together a flow that works something like this:

    0. Create a Firebase project, link it with Unity, and register Firebase as an OIDC provider in my Unity project. (WORKING, however, unsure if I have registered Firebase as an OIDC provider properly!)
    1. Use Firebase API to register and login users using email/password (WORKING)
    2. Use the TokenAsync() method on the resultant FirebaseUser object in order to get what I believe to be the id token of the user (WORKING)
    3. Use that token along with the oidc ID provider that I have registered Firebase with Unity as in order to successfully SignInWithOpenIdConnectAsync() (NOT WORKING).

    Essentially, when I try to sign in using the token that I am getting from the FirebaseUser using the TokenAsync method, I get the following error:

    [Authentication]: Request completed with error: {"title":"PERMISSION_DENIED","detail":"invalid audience","details":[],"status":401}

    Here is a screenshot of the ID provider I have registered with Unity in my project (I have ommitted some of the ID for privacy. I think this might be where the error is coming from?):

    Any insight into the OpenID Connect process and its integration with UGS would be extremely valuable since the documentation and forum posts out there are few and far between.

    Thank you!

    Attached Files:

  2. Seforius


    Jun 25, 2022
    Nailed it myself. For those interested:

    The issue was with the ID provider registration in Unity (project settings or dashboard). I had to find the correct client ID and issuer URL in order to get past this error.

    For those wondering how to do this for Firebase (or perhaps for other OIDC providers as well) this is what I did.

    For Firebase:

    client ID = project ID. Should probably look like "name-123456".

    issuer url:

    More general approach:

    Try to get an ID token from your OIDC provider (for Firebase, call TokenAsync() on a FirebaseUser object). Then, decode the token (I used and try to find the client id and issuer url in the token's payload. For me, the client ID was in the "aud" field and the issuer URL was in the "iss" field.

    Good luck.
  3. TheOrDOOR


    Mar 16, 2014
    I would pay you money to see how you did this from step 1. Ridiculously hard to find documentation/support on how to basically: authenticate user with email and pw and make it work with UGS.
    kendrick_unity likes this.
  4. kendrick_unity


    Apr 14, 2021
    Yes, tutorial for Step 0 please! @Seforius