Custom Player Portal Login - Steam Login

I am using the shared cloud and want to have my player portal allow for both username/password or steam login. I followed the Setup Steam as an identity provider guide.

But on my custom player portal (using Next.js + Next-auth v5) I only ever see the email/password option. I am using authorization grant flow with PKCE and state checks. I notice the URL I end up getting redirected to (via the iam/v3/oauth/authorize) is https://prod.gamingservices.accelbyte.io/auth/login but the guides screenshot URL shows “auth-v2” not sure if that means anything though. Otherwise the URLs look pretty similar minus the different client ids and callbacks.

I see in the swagger docs for the authorize endpoint there is a query parameter target_auth_page but it is not clear how to use it or if it is what I should use.

Is there some parameter or configuration step I could have missed?

Hi @user23,

Apologies for the delayed response. It seems there’s a misleading detail in our documentation regarding the Custom Player Portal. Currently, Steam web authentication isn’t supported for Shared Cloud. This results in IAM redirecting the web login to the AccelByte login website URL instead.

Let me know if you need further clarification!

Hello @Damar_AB,

If I directly support Steam OAuth Login on my custom portal is there any way to exchange a third-party (Steam) access token for an Accelbyte access token?

Hi @user23,

Our internal team is currently looking into the possibility of implementing this. We’ll get back to you with an update soon.

Thank you for your patience!

1 Like

hi @user23

There is a workaround to use Steam OAuth Login in your custom player portal. Your portal must perform Steam OpenID authentication to obtain the Steam authentication ticket, which can then be passed to the AGS Platform Token API to retrieve the AGS access token.

Example flow:

  1. Setup the steamopenid login method in Auth & Account Linking menu

  2. Your custom player portal invoke the Steam OpenID endpoint in the browser.

    • Specify your custom portal/backend url in the query parameter openid.realm and openid.return_to.
    • The openid.return_to should contains the custom backend endpoint that will handle the redirection from steam later.

    Example: https://steamcommunity.com/openid/login?openid.ax.mode=fetch_request&openid.ax.required=fullname,firstname,lastname,email&openid.ax.type.email=http://axschema.org/contact/email&openid.ax.type.firstname=http://axschema.org/namePerson/first&openid.ax.type.fullname=http://axschema.org/namePerson&openid.ax.type.lastname=http://axschema.org/namePerson/last&openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.mode=checkid_setup&openid.ns=http://specs.openid.net/auth/2.0&openid.ns.ax=http://openid.net/srv/ax/1.0&openid.ns.sreg=http://openid.net/extensions/sreg/1.1&openid.realm=https://yourcustombackend.net&openid.return_to=https://yourcustombackend.net/authenticatesteam?&openid.sreg.optional=nickname,email,fullname,dob,gender,postcode,country,language,timezone

  3. The steam will redirect user to steam’s authentication page.

  4. After user perform the authentication, the steam will redirect user to the openid.return_to that provided in the step 2.

    Example: https://yourcustombackend.net/authenticatesteam?openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fsteamcommunity.com%2Fopenid%2Flogin&openid.claimed_id=https%3A%2F%2Fsteamcommunity.com%2Fopenid%2Fid%2F76561199041202060&openid.identity=https%3A%2F%2Fsteamcommunity.com%2Fopenid%2Fid%2F76561199041202060&openid.return_to=https%3A%2F%2Fyourcustombackend.net%2Fauthenticatesteam%3F&openid.response_nonce=2024-12-16T14%3A10%3A37ZMBDp4EzdDXk3doigqYZaRKI6hbM%3D&openid.assoc_handle=1234567890&openid.signed=signed%2Cop_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle&openid.sig=%2FpWtjt6Yc5zhivY3h2lM9nxTCFI%3D

  5. The custom backend should extract all query parameters from the Steam redirect URL and append them to the following URL https://steamcommunity.com/openid/login.

    Example: https://steamcommunity.com/openid/login?openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fsteamcommunity.com%2Fopenid%2Flogin&openid.claimed_id=https%3A%2F%2Fsteamcommunity.com%2Fopenid%2Fid%2F76561199041202060&openid.identity=https%3A%2F%2Fsteamcommunity.com%2Fopenid%2Fid%2F76561199041202060&openid.return_to=https%3A%2F%2Fyourcustombackend.net%2Fauthenticatesteam%3F&openid.response_nonce=2024-12-16T14%3A10%3A37ZMBDp4EzdDXk3doigqYZaRKI6hbM%3D&openid.assoc_handle=1234567890&openid.signed=signed%2Cop_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle&openid.sig=%2FpWtjt6Yc5zhivY3h2lM9nxTCFI%3D

  6. The custom backend invoke Platform Token API and use the New URL in the step 5 as the platform_token payload.

    Example CURL:

    curl --location 'https://â– â– â– â– â– â– â– â– â– â– â– â– â– â– â– â– â– â– â– â– â– â– â– â– â– â– â– â– â– â– â– â– â– â– .gamingservices.accelbyte.io/iam/v4/oauth/platforms/steamopenid/token' \
    --header 'Content-Type: application/x-www-form-urlencoded' \
    --header 'Authorization: Basic <REDACTED>' \
    --data-urlencode 'platform_token=https://steamcommunity.com/openid/login?openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fsteamcommunity.com%2Fopenid%2Flogin&openid.claimed_id=https%3A%2F%2Fsteamcommunity.com%2Fopenid%2Fid%2F76561199041202060&openid.identity=https%3A%2F%2Fsteamcommunity.com%2Fopenid%2Fid%2F76561199041202060&openid.return_to=https%3A%2F%2Fyourcustombackend.net%2Fauthenticatesteam%3F&openid.response_nonce=2024-12-16T14%3A10%3A37ZMBDp4EzdDXk3doigqYZaRKI6hbM%3D&openid.assoc_handle=1234567890&openid.signed=signed%2Cop_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle&openid.sig=%2FpWtjt6Yc5zhivY3h2lM9nxTCFI%3D'
    
  7. If everything is set up correctly, AGS platform will register the user Steam ID (if it’s a new user) or log in the user (if it’s an existing user), and then return the AGS access token.

Hope this helps and gives you the insight you need.
Thank you

Thanks! I will give it a try.