CloudSave,access forbidden: insufficient permissions

The client cannot be created cloudsave,insufficient permissions.

But I’ve already added it

My code:

I don’t know what the problem is, please help me, thank you!

Hi @user13,

By default user will not have access to modify Game Record, user would only be able to read Game record. Since the screenshot indicates that it will be performed using a Confidential IAM client (e.g. Game Server, Custom Backend Tools), it’s essential to utilize the Server API.

Would you be able to try our example on Saving Game Records from the server here: Store in-game configurations in game records | AccelByte Documentation ?

Let us know if there is any question or issue.


But when I store cloud storage, I don’t connect to the server.
By server, do you mean created DS?
Is there another way that all users can store reads?

Hi @user13,

Could you let us know what you are trying to achieve? We might be able to provide a suggestion for your use case.

Hi, All our users can create their own room data. Users can read all rooms created by all users and can modify the room data.

Hi @user13,

You can use the player record in this case, but other users can only read the data.

The reason why writing game records can only be performed using Confidential IAM (e.g., Game Server) is for security. If a regular user could overwrite the game record, it would pose a risk for hacking.

Ok, thank you very much.

Sry, One more question: are there any in public storage?
All can be stored after temporary data,thank you

Hi @user13,

I’m sorry, but if I’m not mistaken, what you want to achieve is a single public storage that can be written by any user. Unfortunately, we don’t have that capability, and only Confidential IAM can do that.

If you can share more details about your use case, we might be able to help you achieve it with a different approach.

If you can explain the player flow to us, like what the players will do from main menu to publish the data then other players can use the data for spawning the room data, that would be helpful for us to assist you further.

If this data is tied to a game session and it’s temporary (you mentioned “room data” previously), I would recommend using game session attributes when creating a game session [AccelByte Documentation - Game Session Attributes], you can put custom session configuration there and other players that joined the session from session browser [ Play test - Browse dedicated server joinable sessions - (Unity module) | AccelByte Documentation] , they can read and modify the configuration as well.

I know it is possible to create sessions and add properties, but as you said, this is AD hoc. We need a permanent one that won’t be released.I’m using ams, no persistent sessions.
Our process is that players can create any room that all players can browse and enter. Update the room data after entering, such as the number of people online and so on.

Hi @user13,

Thanks for giving us more detailed information. Based on your use case, player can update room data after entering DS (I assume), then this should be DS job to update the data, not player. So if player want to update the room data, you can use RPC to inform the DS to update their game record. You can use this function to update game record from your DS.

Please be mindful about data racing, since multiple player can edit the room data, maybe you need to update in a batch periodically.

Thank you for your answer. In fact, we need to update the room data outside the room (has not yet entered the DS), our homeowners can set the room information outside the room (introduction pictures, etc.), at this time the homeowners can also submit the room, after submitting the room data will be stored in the database, other players can obtain the room data.

I see, then instead of using a game record, you can use a player record to save the room data. Later, another player who joins the DS can also manipulate the data via the DS. This way is safer since the DS will validate whether any data manipulation by other users is valid or not.

However, when the player posts a room outside the room, the game data cannot be updated (because it is not entered into the DS), and other players will not be able to access the published room information.

Let me summarize what you need to achieve based on your use case:

  1. Any user can create and update their room data inside/outside DS (Player Record with USER permission).
  2. Any user can read other room data (Player Record with USER permission).
  3. Any user can update other room data inside DS (Player Record with ADMIN permission).

With this information, you can use the approach I’ve already explained:

  1. When the room owner wants to save room data either inside or outside the DS, you can use SaveUserRecord and set it to public.
  2. When another user wants to retrieve any room data, they can use GetUserRecord.
  3. When another user wants to update other room data, that user must join the DS and communicate using an RPC call. The DS will then call ServerSaveUserRecord.

If this case doesn’t meet your requirements, I’ll communicate with our internal team to see if we have a solution for you.

Thank you very much for your hard work. I said our thinking:

  1. When I create a room, I save the room information to the userRecord.
  2. When I submit this room, I will create the session (remember the room ID, session ID) so that other users can see it
  3. When other users enter the room, DS updates the room information (room ID, session ID, etc., obtained from the owner ID) to gameRecord.
  4. Other users display all rooms through gameRecord, but what if the session expires?

If that’s the case, then before a user joins the room, you need to check if the session ID is still valid by using GetGameSession. If the session is valid, then the user can join the DS. If the session is invalid, you can CreateSession, and the DS will patch the room data to replace the old session ID.

But, this will have a lot of edge cases, I recommend you use the persistent session to achieve that.

Unfortunately, our AMS does not have a persistent session option

Actually, you can enable the persistent session by using Update Session Template Configuration. You can use Swagger or Postman to enable the persistent session, but please be careful here since persistent sessions are only valid for DS-type sessions. For more information regarding persistent sessions, you can read here: Configure persistent session | AccelByte Documentation.

Meanwhile, I’ll report to the internal team regarding the persistent session option in the Admin Portal.