Question OpenID Connect PERMISSION_DENIED: Validation Failed

Discussion in 'Authentication' started by MegaCrapkin, May 7, 2023.

  1. MegaCrapkin

    Hello,

    I have followed the OIDC authentication instructions and integrated with my self-hosted OAuth server to return an id_token to the Unity game. However, on calls to both SignInWithOpenIdConnectAsync (when not logged in anonymously) and LinkWithOpenIdConnectAsync (when logged in anonymously), I receive the following response:

    Request failed: 401, {"title":"PERMISSION_DENIED","detail":"validation failed","details":[],"status":401}

    This error message is not very useful, the documentation has no mention of this, and the very few existing posts I have found with this error either list a fix that is not relevant to OIDC or don't list a fix at all.

    On my server logs, I see no requests during the SignIn or Link calls, which leads me to believe this is a permission/validation issue with Unity Authentication and not with the OIDC credentials or OAuth server.

    Is this correct, or is there something else I am missing in this implementation?
     
  2. MegaCrapkin

    Turns out it was an issue with my OAuth server! Would be nice to have a little more descriptive error message though.

    Solution:
    The OAuth provider was set to confidential, and of course Unity doesn't know the client secret. I had previously tested setting it to public, but with the same result. What I should have done was also make sure there was a signing key set up (I feel like that should be defaulted on for public providers -- but oh well!).
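
Added example, not part of the thread and not Unity's or the poster's code: a structural pre-check that decodes an id_token header and reports why a relying party holding only the provider's public JWKS would reject it. It assumes (the thread does not say this) that a provider with no signing key issues HS256 or unsigned tokens; the function names, algorithm list, sample tokens and JWKS are all constructed.

```python
import base64
import json

# Assumption: the relying party only accepts asymmetric signatures it can
# check against the provider's public JWKS (alg -> expected JWK key type).
ASYMMETRIC_ALGS = {"RS256": "RSA", "RS384": "RSA", "RS512": "RSA",
                   "PS256": "RSA", "ES256": "EC", "ES384": "EC"}

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def decode_segment(segment: str) -> dict:
    padded = segment + "=" * (-len(segment) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(padded))

def preflight_id_token(token: str, jwks: dict) -> list:
    """Return reasons a JWKS-only verifier would reject this id_token."""
    parts = token.split(".")
    if len(parts) != 3:
        return ["not a three-part compact JWS"]
    header = decode_segment(parts[0])
    alg, kid = header.get("alg"), header.get("kid")
    problems = []
    if alg not in ASYMMETRIC_ALGS:
        problems.append(f"alg {alg!r} is not an asymmetric signature; "
                        "the verifier has no shared secret to check it")
    keys = [k for k in jwks.get("keys", []) if k.get("use", "sig") == "sig"]
    if not keys:
        problems.append("JWKS publishes no signing keys")
    elif kid is None:
        problems.append("header has no kid to select a JWKS key")
    else:
        match = [k for k in keys if k.get("kid") == kid]
        if not match:
            problems.append(f"kid {kid!r} not found in JWKS")
        elif alg in ASYMMETRIC_ALGS and match[0].get("kty") != ASYMMETRIC_ALGS[alg]:
            problems.append("JWKS key type does not match alg")
    return problems

# Constructed samples: fake claims, dummy signature, placeholder key material.
def make_token(header: dict) -> str:
    claims = {"iss": "https://idp.example", "sub": "u1", "aud": "game"}
    enc = lambda d: b64url(json.dumps(d).encode())
    return f"{enc(header)}.{enc(claims)}.{b64url(b'dummy-signature')}"

NO_KEY = make_token({"alg": "HS256", "typ": "JWT"})
WITH_KEY = make_token({"alg": "RS256", "kid": "k1", "typ": "JWT"})
EMPTY_JWKS = {"keys": []}
GOOD_JWKS = {"keys": [{"kty": "RSA", "kid": "k1", "use": "sig", "n": "placeholder", "e": "AQAB"}]}
```

The check is structural only and does not verify the signature; an empty result means the token has the shape a JWKS-based verifier can process, not that it is valid.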