Skip to main content

Android Configuration

Single Sign-On (5.4 onwards)

As of UE5.4, there is better support for obtaining an IdToken for Google Authentication. However there are still some changes that need to be made.

If you are on a Source build, open Engine\Plugins\Online\OnlineSubsystemGoogle\OnlineSubsystemGoogle.uplugin and add Android to the PlatformAllowList array. If you are on a Launcher build, you can simply copy this plugin from this directory into your projects Plugins directory and make the appropriate change.

Configuration

Next, update your AndroidEngine.ini file to contain the following:

[OnlineSubsystem]
DefaultPlatformService=GooglePlay
NativePlatformService=Google

[OnlineSubsystemGoogle]
bEnabled=True
ClientId=your-client-id-here
ServerClientId=your-server-client-id-here


[OnlineSubsystemGoogle.OnlineIdentityGoogle]
+ScopeFields="email"
+ScopeFields="profile"
+ScopeFields="https://www.googleapis.com/auth/userinfo.email"
+ScopeFields="https://www.googleapis.com/auth/userinfo.profile"
bRequestIdToken=true
bRequestOfflineAccess=true

This will ensure that you are using OnlineSubsystemGoogle as the native platform OSS in order to perform SSO.

bRequestIdToken will request an IdToken that you can pass to mod.io's authentication service. bRequestOfflineAccess will request a server-side token that can be used as an alternative to the IdToken.

Ensure that you replace the ClientId and ServerClientId with your client IDs from Google Cloud Console. The ClientId should be the Android OAuth Credential that you have linked to your title in Google Play Console. ServerClientId should be the Web Application OAuth Credential that you configured.

Getting the Token

Once you have configured the above options, you should be able to obtain either an IdToken or ServerAuthCode that you can use with mod.io authentication.

const IOnlineSubsystem* OnlineSubsystem = IOnlineSubsystem::GetByPlatform();
const IOnlineIdentityPtr OnlineIdentity = OnlineSubsystem->GetIdentityInterface();

OnlineIdentity->AddOnLoginCompleteDelegate_Handle(0, NativeLoginComplete);
OnlineIdentity->Login(0, FOnlineAccountCredentials());

// In the NativeLoginComplete delegate, however you set it up, if it was a successful login, you can then obtain the Server Auth Token as follows:
FString IdToken, ServerAuthToken;

UserAccount.Get()->GetAuthAttribute(AUTH_ATTR_ID_TOKEN, IdToken);
UserAccount.Get()->GetAuthAttribute(AUTH_ATTR_AUTHORIZATION_CODE, ServerAuthToken);

// Now perform Auth to the mod.io service
AuthParams.AuthToken = ServerAuthToken;
AuthParams.bUserHasAcceptedTerms = true;
            
// Alternatively you could set AuthParams.AuthToken = IdToken and use EModioAuthenticationProvider::GoogleIDToken
ModioSubsystem->AuthenticateUserExternalAsync(AuthParams, EModioAuthenticationProvider::GoogleServerSideToken, FOnErrorOnlyDelegateFast::CreateUObject(this, OnAuthenticationComplete));

Single Sign-On (Pre-5.4)

For Unreal Engine versions before 5.4, you need to make some engine-level modifications in order for Android SSO to work. You must be using a source build rather than an engine build.

Open Engine\Plugins\Online\OnlineSubsystemGoogle\Source\ThirdParty\Android\Java\GoogleLogin.java and change the init method to uncomment .requestServerAuthCode(serverClientId).

Change the getAuthTokenJsonStr method to the following:

private String getAuthTokenJsonStr(GoogleSignInAccount acct)
{
  if (acct != null)
  {
    return "{\"access_token\":\""+ acct.getServerAuthCode() +  "\"," +
        "\"refresh_token\":\"androidInternal\"," +
        "\"id_token\":\""+ acct.getIdToken() + "\"}";
  }
  return "";
}

Finally, Open OnlineSubsystemGoogle.uplugin and add Android to the PlatformAllowList array.

Configuration

Once you have made the above changes, update your AndroidEngine.ini to contain the following:

[OnlineSubsystem]
DefaultPlatformService=GooglePlay
NativePlatformService=Google

[OnlineSubsystemGoogle]
bEnabled=True
ClientId=your-client-id-here
ServerClientId=your-server-client-id-here

[OnlineSubsystemGoogle.OnlineIdentityGoogle]
+ScopeFields="email"
+ScopeFields="profile"
+ScopeFields="https://www.googleapis.com/auth/userinfo.email"
+ScopeFields="https://www.googleapis.com/auth/userinfo.profile"

This will ensure that you are using OnlineSubsystemGoogle as the native platform OSS in order to perform SSO.

Ensure that you replace the ClientId and ServerClientId with your client IDs from Google Cloud Console. The ClientId should be the Android OAuth Credential that you have linked to your title in Google Play Console. ServerClientId should be the Web Application OAuth Credential that you configured.

Getting the Token

Once you have configured the above options, you should be able to obtain a server side token that you can use for auth with mod.io.

const IOnlineSubsystem* OnlineSubsystem = IOnlineSubsystem::GetByPlatform();
const IOnlineIdentityPtr OnlineIdentity = OnlineSubsystem->GetIdentityInterface();

OnlineIdentity->AddOnLoginCompleteDelegate_Handle(0, NativeLoginComplete);
OnlineIdentity->Login(0, FOnlineAccountCredentials());

// In the NativeLoginComplete delegate, however you set it up, if it was a successful login, you can then obtain the Server Auth Token as follows:
const FString PlatformToken = OnlineIdentity->GetAuthToken(0);

// Now perform Auth to the mod.io service
AuthParams.AuthToken = PlatformToken;
AuthParams.bUserHasAcceptedTerms = true;
            
ModioSubsystem->AuthenticateUserExternalAsync(AuthParams, EModioAuthenticationProvider::GoogleServerSideToken, FOnErrorOnlyDelegateFast::CreateUObject(this, OnAuthenticationComplete));