Bug Unable to validate token error 401 when using SignInWithOculusAsync()

Hello, I am trying to use the new Oculus sign in capabilities of the Authentication package by using the example script provided for Oculus SignIn, however I get the next error when I try to use : AuthenticationService.Instance.SignInWithOculusAsync(oculusNonce, userId);

Project Information :
Unity 2021.3.15f1
Authentication 2.3.1

[Authentication]: Request failed: 401, {"title":"PERMISSION_DENIED","detail":"unable to validate token","details":[],"status":401}
UnityEngine.Logger:LogError (string,object)
Unity.Services.Authentication.Logger:LogError (object) (at Library/PackageCache/com.unity.services.authentication@2.3.1/Runtime/Utilities/Logger.cs:18)
Unity.Services.Authentication.AuthenticationServiceInternal:BuildServerException (Unity.Services.Authentication.WebRequestException) (at Library/PackageCache/com.unity.services.authentication@2.3.1/Runtime/AuthenticationServiceInternal.cs:796)
Unity.Services.Authentication.AuthenticationServiceInternal/<HandleSignInRequestAsync>d__108:MoveNext () (at Library/PackageCache/com.unity.services.authentication@2.3.1/Runtime/AuthenticationServiceInternal.cs:526)
System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1<Unity.Services.Authentication.SignInResponse>:SetException (System.Exception)
Unity.Services.Authentication.WebRequest/<SendAsync>d__15`1<Unity.Services.Authentication.SignInResponse>:MoveNext () (at Library/PackageCache/com.unity.services.authentication@2.3.1/Runtime/Network/WebRequest.cs:63)
System.Threading.Tasks.TaskCompletionSource`1<string>:SetException (System.Exception)
Unity.Services.Authentication.WebRequest:RequestCompleted (System.Threading.Tasks.TaskCompletionSource`1<string>,long,bool,bool,string,string,System.Collections.Generic.IDictionary`2<string, string>) (at Library/PackageCache/com.unity.services.authentication@2.3.1/Runtime/Network/WebRequest.cs:193)
Unity.Services.Authentication.WebRequest/<>c__DisplayClass16_0:<SendAttemptAsync>b__0 (UnityEngine.AsyncOperation) (at Library/PackageCache/com.unity.services.authentication@2.3.1/Runtime/Network/WebRequest.cs:76)
UnityEngine.AsyncOperation:InvokeCompletionEvent ()

Why does this error happens and how to solve it ?

 

Experiencing the same issue!

 

I resolved the issue by granting authorization of the AppID in the Oculus Dashboard Data Use Check Up

 

I still having trouble getting this to work. I still ge tRequest failed: 401, {"title":"PERMISSION_DENIED","detail":"unable to validate token","details":[],"status":401}

I verified:
- app id and secret are correct
- Data use checkup is done
- I pass the entitlments check with my developer account

And still when i use the SignInWithOculusAsync it refuses me. Getting desperate here

Edit: Just noticed when i set my details in the editor i get the same error

 

I checked the Data use Check but don't see a part that says to approve the app id?

 

Here is a screenshot https://imgur.com/a/9DV60uZ (it was User ID not App ID my bad)

 

I have that one approved. So that does not seem to be the problem.

 

I found the issue btw, there was an error with the OculusId we where passing to to login function. All solved now!

 

I just upgraded to Unity 2021.3.21 (macOS) and am now getting this error on device, but the exact same code worked when using 2021.3.18. Also worth noting that when I rollback, I have to revert any automatic changes (packages.json etc) that upgrading to 2021.3.21 did, otherwise the error persists.

 

This issue persists for me for versions 2021.3.22 and 2021.3.23.

 

Hey @justdizzy

We had the same problem and managed to find out why.
Unity 2021.3.21 fixes a problem where, if you upgraded before from Unity 2020.3, your code stripping level was changed to a lower value than expected. When upgrading our project from 2021.3.9f1 to 2021.3.21f1, this actually caused our code stripping to go up (!) from minimal to low.

This is the entry in the changelog:

IL2CPP: Projects created prior to 2021.3 and opened in 2021.3 or newer could have their Managed Stripping Level incorrectly migrated to the new default value of Minimal when the old default of Low should have been retained. (UUM-19512)​

The issue with Oculus authentication is caused by code stripping. You can fix it by changing back to Minimal code stripping, or by adding a link.xml file in your project with this content:

Code (CSharp):

1. <linker>
2. <assembly fullname="Unity.Services.Authentication" preserve="all" />
3. </linker>

I confirmed this works.
Unity's Authentication team helped me track this down and they will fix the package with code stripping soon.

 

I upgraded Unity to 2021.3.28f1, grabbed the latest Authentication service, and now it works.

I'm trying this out for the first time so I can save to the cloud but I'm getting the same error. Here's what I've done:

Meta Quest Dashboard

• Under API I retrieved the following
  • User ID
  • App ID
  • App Secret
• Data Use Checkup
  • Both User ID and User Profile have been approved

Unity Editor

• Project Settings > Services > Authentication
  • Added Oculus Identifier
  • Set App ID to the one in the above steps
  • Set App Secret from the one in the above steps
• Project Settings > Services
  • Unity Project ID is set and points to my project and organization
• Project Settings > Player > Managed Stripping Level
  • Set to Low
• OculusPlatformSettings
  • Application ID > Meta Quest/2/Pro set to the App ID from the above steps.

At runtime on the Meta Quest 2

• Initialize the platform
• Entitlement passes
• I am able to retrieve the User.ID and Nonse.
  • The User.ID matches the one under API on the Meta Quest Dashboard for the game
  • UserProof.Value (Nonse) is a Super long string that changes every time it is retrieved
• AuthenticationService.Instance.SignInWithOculusAsync
  • Pass in UsesrProof.Value and User.ID
  • I get the same exception as the OP

Versions

• Unity
  • 2020.3.48f1
• Authenticate
  • 2.4.0
• Cloud Save
  • 2.0.1

I've been successfully using Meta Quest Dashboard > Leaderboards.

 

I'm having the same issue as LittleDreamerGames. Everything is exactly as he described and I am on version 2021.3.28f1 for the Unity Editor and 3.2.0 for Authentication service.

I still get the 401 unable to validate token error.

The other weird issue is that when I try it in a build I don't get any error at all in the adb logs, instead Oculus' Users.GetUserProof().OnComplete callback never gets called (I put a debug log in it that never prints). But in the editor the callback is called perfectly and I get the correct userId and a seemingly valid Nonse but then I get the 401 error.

I am at a loss here... Anyone have any ideas or suggestions?

 

I solved the issue.

The problem was that I was using msg.Data.OculusID instead of msg.Data.ID to sign in using AuthenticationService.Instance.SignInWithOculusAsync method.

This is stated in a comment in unity's documentation here, although it's not very obvious and easy to miss...

Also, make sure that everything mentioned by LittleDreamerGames above is correct as well.

 

UPDATE: It is still not working in a build.

In the editor, everything is working now. But in a build, Users.GetUserProof().OnComplete callback never gets called.

 

Turns out the final bug where the Complete callback was not getting called was because I was calling it from a separate thread. It seems that Users.GetUserProof() must be called from the main Unity thread otherwise the Complete callback will not fire in a build.

Also, since you can only set 1 oculus provider in the authentication tab under services in project settings, you have to SignInAnonymously() while in editor. This setting is save in the Unity Cloud so it is not local to the branch you are working on which means you cannot switch between rift and quest app without affecting all users (in editor and in builds). So the solution is to have anonymous UGS users when testing in the editor and just link/sign them in when in a build.

 

Guys I've been struggling for months with this, it turned out that, in my case, I just needed to signout -> signin my account on the PC Oculus app. Looks like the token generated on the initial sign in, needs to be refreshed after granting UserId feature on the Oculus dashboard.
I need to do this each time I create an Oculus app.