Set up Oculus as an identity provider

Last updated on October 3, 2023

Overview

This guide helps verified Oculus developers to connect Oculus Accounts to AccelByte Gaming Services (AGS). You may need to set up additional features within Oculus services.

For more information about setting up Oculus services, we recommend contacting your Oculus representative and reviewing Oculus documentation. You can also request confidential guide materials from your AccelByte Technical Producer.

Goals

• Enable the Oculus authentication method for your game with the AGS SDK.
• Enable the Oculus authentication method for your publisher website with the AGS Player Portal.

Prerequisites

Web login integration

• You must have a verified Oculus Developer account.
• You have an AGS Admin Portal account to set up authentication and manage permissions.
• If you have not done so already, set up a Publisher Namespace for your Player Portal and Launcher.
• You have a Player Portal.

In-game login integration

• You must have a verified Oculus Developer account.
• For Unreal Engine, you need to have the OnlineSubsystem Oculus plugin activated.
• For Unity, you need the Oculus Unity Integration. You can find that in Oculus Integration | Integration | Unity Asset Store.
• You have an AccelByte Admin Portal account to set up authentication and manage permissions.
• If you have not done so already, set up a Game Namespace for your game.
• You have a Unity or Unreal Engine game project with the latest version of the AccelByte Game SDK imported.
• You have a basic understanding of AccelByte IAM Clients.

Set up Oculus Meta

Set up Oculus Meta application

Set up the Oculus Meta application on your Oculus developer account. Follow Oculus Meta's Create an App Page guide.

Oculus Meta request platform feature

After you finish creating the application, request a data use checkup to get access to certain user data, such as user ID, user profile, and avatar. Follow the Submitting a DUC Guide steps on Oculus Meta's Data User Checkup guide.

note

If you have trouble setting up on the Oculus Developer Portal, contact customer support to request a copy of the available guide from AccelByte.

Set up Oculus login method

Web login

To enable your players to log in to your Player Portal using their Oculus accounts, follow these steps:

1. Log in to the AccelByte Admin Portal. Choose your Publisher Namespace.

2. Click Login Methods below the User Management sidebar, then click the + Add New button on the Login Methods page.

   

3. Click on Oculus Web.

   

4. The Create Configuration pop-up will appear. Fill in the required information, then click Create.

   • Fill in the Client ID field with your Oculus App ID.
   • Fill in the Client Secret field with your Oculus App Secret.
   • Fill in the Organization ID field with your Oculus Organization ID.
   • Fill in the Redirect URI field with <BASE_URL>/auth/platforms/oculusweb. Replace <BASE_URL> with your domain address, e.g., https://development.accelbyte.io.

   

5. You will be redirected to the detail page. Click Activate on the detail page, then click Activate on the pop-up.

   

In-game login

To enable your players to log in from in-game using their Oculus accounts, follow these steps:

1. Log in to the AGS Admin portal, then choose your Game Namespace.

2. Click Login Methods below the User Management sidebar, then click the + Add New button on the Login Methods page.

   

3. Click on Oculus SDK.

   

4. The Create Configuration pop-up will appear. Fill in the required information, then click Create.

   • Fill in the Client ID field with your Oculus App ID.
   • Fill in the Client Secret field with your Oculus App Secret.

   

5. You will be redirected to the detail page. Click Active on the detail page, then click Activate on the pop-up.

   

Create an IAM client

An IAM client is a representation of the game client that you want to release on your target platform. With IAM Client, your game client can request access to protected AGS resources with the appropriate permissions. Learn more about IAM Clients in Manage access control for applications.

1. Go to Platform Configurations. Then, click IAM Clients under the ACCOUNT section.

   

2. On the IAM Clients page, click + Create New.

   

3. On the Create New IAM Client form, fill in the required information.

   Basic information

   • Client ID: The system generates the Client ID. Copy it and you can use it in your SDK Configuration for your game build.

   • Client Type: Select Confidential. We recommend that you use the Confidential type, since you might need to add some permissions later for accessing AGS. Adequate security is not available with the Public type.

   • Secret: You can type the secret yourself, or you can click Generate Client Secret to generate a secret key.

   Warning

   The client secret isn't visible after the creation step. Ensure you save a secure copy of it as you'll need it when you set up your game configuration.

   • Client Name: We recommend you use specific name, e.g., <game name> <target platform>.

   • Namespace: Select your game namespace from the dropdown.

   • Scopes: Keep the default values in this field.

   • Redirect URI: Type http://127.0.0.1 in this field, since it's for the Game Client Build.

   • Target Audience: Leave blank.

   • Base URI: Leave blank.

   • Description: Describe the IAM client. You can add a description of up to 256 characters.

   Client SDK Configuration

   • Platform: Select the Target Platform your game is built on.

   • Advanced Configurations: This section consists of additional features such as two-factor authentication (2FA) and override expiration time. As this is for a Game Client build, you can leave these as default or disabled.

   

   

4. Click Create. The system redirects you to the Client Detail page.

   

   Go to the Permissions tab to set up the permissions you need. To learn how, refer to the IAM Client permission docs.

   

In-game login

The setup for each game engine is different. Follow the steps applicable to your game engine.

Unreal Engine Instructions

Unreal in-game login integration

You can integrate Oculus to sign in with AccelByte SDK to enable your players to log in to games with Oculus credentials.

Unreal Engine preparation and configuration

Add dependency

1. Add public dependency modules called OnlineSubsystem, OnlineSubsystemOculus, and LibOvrPlatform to your Build.cs file. These dependencies are needed for your project to use the Oculus online subsystem from Unreal Engine.

   public ABThirdPartyLogin(ReadOnlyTargetRules Target) : base(Target)
   {
   PCHUsage = PCHUsageMode.UseExplicitOrSharedPCHs;
   
   PublicDependencyModuleNames.AddRange(new string[] { "Core",    "CoreUObject", "Engine", "InputCore", "OnlineSubsystem", "OnlineSubsystemUtils",
   "OnlineSubsystemOculus","LibOVRPlatform",
   "Sockets", "Networking", "InputCore", "AccelByteUe4Sdk", "Json", "JsonUtilities", "Http", "WebSockets"
       });
   
   PrivateDependencyModuleNames.AddRange(new string[] {  });
   PrivateDependencyModuleNames.Add("OnlineSubsystem");

2. You also need to add OnlineSubsystemOculus inside TutorialProject.Target.cs and TutorialProjectEditor.Target.cs.

   public ABThirdPartyLoginTarget( TargetInfo Target) : base(Target)
   {
   Type = TargetType.Game;
   DefaultBuildSettings = BuildSettingsVersion.V2;
   ExtraModuleNames.AddRange( new string[] { "ABThirdPartyLogin", "OnlineSubsystem", "AccelByteUe4Sdk", "OnlineSubsystemOculus" } );
   }

   public ABThirdPartyLoginEditorTarget( TargetInfo Target) : base(Target)
   {
   Type = TargetType.Editor;
   DefaultBuildSettings = BuildSettingsVersion.V2;
   ExtraModuleNames.AddRange( new string[] { "ABThirdPartyLogin", "OnlineSubsystem", "AccelByteUe4Sdk", "OnlineSubsystemOculus" } );
   }

Unreal Engine project setting for Oculus

Inside your DefaultEngine.ini file, you need to add several variables of Oculus configuration. You need this configuration to open the project. By default, Oculus initiates automatically. If you develop a rift app, make sure you're using RiftAppId=[YourAppId]. Otherwise, you can use OculusAppId=[YourAppId].

[OnlineSubsystem]
DefaultPlatformService=Oculus

[OnlineSubsystemOculus]
bEnabled=true
RiftAppId=[YourAppId]

Unreal Engine sample code implementation

Learn how to integrate Oculus Login Integration into your game with our SDK. Our logic is to override a player's login when they log in with Oculus and use our platform to provide services our SDK can access.

The project uses Oculus as a platform so players can log in with Oculus credentials.

1. Ensure you call the online identity function for getting platform_tokens once Oculus does an entitlement pass.

   const IOnlineSubsystem* OnlineSubsystem = IOnlineSubsystem::Get();
   if (OnlineSubsystem == nullptr)
   {
   FString Message = TEXT("Cannot login with no online subsystem set!");
   UE_LOG(LogTemp, Warning, TEXT("%s"), *Message);
   OnActionInfoUpdated.Broadcast(Message);
   return;
   }
   
   const IOnlineIdentityPtr OnlineIdentity = OnlineSubsystem->GetIdentityInterface();
   if (!OnlineIdentity.IsValid())
   {
   FString Message = TEXT("Could not retrieve identity interface from native subsystem.");
   UE_LOG(LogTemp, Warning, TEXT("%s"), *Message);
   OnActionInfoUpdated.Broadcast(Message);
   return;
   }

2. Once the system retrieves the platform_token, it uses the token to call the AccelByte loginWithOtherPlatform API. The code looks like this:

   const FOnLoginCompleteDelegate NativeLoginComplete = FOnLoginCompleteDelegate::CreateLambda([=]
   (int32 LocalUserNum, bool bWasSuccessful, const FUniqueNetId& UserId, const FString& Error) {
   UE_LOG(LogTemp, Warning, TEXT("OnLoginComplete %s : %s"), bWasSuccessful ? TEXT("Success") : TEXT("Fail"), *Error);
   FString Message = FString::Printf(TEXT("OnLoginComplete %s : %s"), bWasSuccessful ? TEXT("Success") : TEXT("Fail"), *Error);
   OnActionInfoUpdated.Broadcast(Message);
   
   if (bWasSuccessful)
   {
   auto OculusUserId = OnlineIdentity->GetUniquePlayerId(0);
   auto GenAuth = OnlineIdentity->GetAuthToken(LocalPlayer->GetControllerId());
   const FString PlatformToken = (TEXT("%s:%s"), OculusUserId, GenAuth);
   UE_LOG(LogTemp, Warning, TEXT("PlatformToken : %s"), *PlatformToken);
   OnActionInfoUpdated.Broadcast(FString::Printf(TEXT("PlatformToken : %s"), *PlatformToken));
   
   FRegistry::User.LoginWithOtherPlatform(EAccelBytePlatformType::Oculus, PlatformToken, OnLoginSuccessDelegate, OnLoginErrorDelegate);
   UE_LOG(LogTemp, Warning, TEXT("Request LoginWithOtherPlatform"));
   OnActionInfoUpdated.Broadcast(TEXT("Request LoginWithOtherPlatform"));
   }
   });
   OnlineIdentity->AddOnLoginCompleteDelegate_Handle(LocalPlayer->GetControllerId(), NativeLoginComplete);
   const bool bWaitForDelegate = OnlineIdentity->Login(LocalPlayer->GetControllerId(), FOnlineAccountCredentials());
   if (!bWaitForDelegate)
   {
   FString Message = TEXT("The online subsystem couldn't login");
   UE_LOG(LogTemp, Warning, TEXT("%s"), *Message);
   OnActionInfoUpdated.Broadcast(Message);
   }
   note

   The platform_token for Oculus Authentication is <oculus_user_id>:<nonce_value>.

   Ensure you are calling the right platform in this code: EAccelBytePlatformType::Oculus.

   FRegistry::User.LoginWithOtherPlatform(EAccelBytePlatformType::Oculus, PlatformToken, OnLoginSuccessDelegate, OnLoginErrorDelegate);

Sample code testing

Launch arguments

Launch your project by running it in the editor, or use this executable command with the Command Prompt or Powershell.

"[[PathToUE5Folder]]\Epic Games\UE_5.0\Engine\Binaries\Win64\UnrealEditor.exe]" "[PathToProjectFolder]\TestingUnreal\ABThirdPartyLogin\ABThirdPartyLogin.uproject" -skipcompile -game

The image below shows a successful login to our test app using an Oculus account.

Unity Engine Instructions

Unity in-game login integration

When you integrate your Oculus account to sign in with AccelByte SDK, your players can log in to games using their Oculus credentials.

Unity preparation and configuration

1. Add AccelByte Unity SDK to your Unity project.

2. Add the Unity Oculus Integration Asset from the Unity Asset Store.

3. Ensure you install and list Unity assets.

Unity sample code implementation

Add the AccelByte Unity SDK and Oculus Integration Asset, then follow these steps:

1. Create and name an empty script.

2. Open your script in the Editor and add this code, which checks the entitlement before getting the user ID and nonce:

   void Awake()
   {
   try
   {
       Core.Initialize();// getting oculus APP ID
       Entitlements.IsUserEntitledToApplication().OnComplete(EntitlementCallback);// if entitlement pass will automatically return callback
       Users.GetLoggedInUser().OnComplete(getUserCallback);//to generate userId
       Users.GetUserProof().OnComplete(userProofCallback);//to generate UserNonce
   }
   catch (UnityException e)
   {
       Debug.LogError("Platform failed to initialize due to exception.");
       Debug.LogException(e);
       // Immediately quit the application.
       UnityEngine.Application.Quit();
   }
   }
   
   // Called when the Meta Quest Platform completes the async entitlement check request and a result is available.
   void EntitlementCallback(Message msg)
   {
   if (msg.IsError) // User failed entitlement check
   {
       // Implements a default behavior for an entitlement check failure -- log the failure and exit the app.
       Debug.LogError("You are NOT entitled to use this app.");
       UnityEngine.Application.Quit();
   }
   else // User passed entitlement check
   {
       // Log the succeeded entitlement check for debugging.
       Debug.Log("You are entitled to use this app.");
       LoginStatus.text = "You are entitled to use this app, Please Login";
   }
   }
   void getUserCallback(Message<Models.User> msg)
   {
   if (!msg.IsError)
   {
       Models.User user = msg.Data;
       userId = user.ID.ToString();
       Debug.Log(
           $"user : {user} ");
   }
   else
   {
       Models.Error error = msg.GetError();
   }
   }
   
   void userProofCallback(Message<UserProof> msg)
   {
   if (!msg.IsError)
   {
       UserProof userNonce = msg.Data;
       nonce = userNonce.Value;
       Debug.Log(
           $"userNonce : {userNonce} ");
   }
   else
   {
       Models.Error error = msg.GetError();
   }
   
   }
   

3. Open Oculus Tab > Platform - Edit Setting, then fill in the App Id field.

4. The script continues to run this function.

   public void OnLoginClick()
   {
   OculusLoginButton.interactable = false;
   LoginStatus.text = "Logging in...";
   
   // AccelByte's Multi Registry initialization
   apiClient = MultiRegistry.GetApiClient();
   //Grab a reference to the current User, even though they have not been logged in yet.
   //This also acts as the initialisation point for the whole AccelByte plugin.
   user = apiClient.GetApi<AccelByte.Api.User, UserApi>();
   
   // oculus token
   string oculusToken = userId + ":" + nonce;
   
   Result<TokenData, OAuthError> loginResult = null;
   user.LoginWithOtherPlatform(PlatformType.Oculus, oculusToken,
       (Result<TokenData, OAuthError> loginResult) =>
       {
           if (loginResult.IsError)
           {
               //If we error, grab the Error Error and Description to print in the Log
               Debug.Log(
                   $"Login failed : {loginResult.Error.error} Description : {loginResult.Error.error_description}");
               //Set the Status Text to display the Error if there is any
               LoginStatus.text =
                   $"Login failed : {loginResult.Error.error} Description : {loginResult.Error.error_description}";
           }
           else
           {
               Debug.Log($"Login successful : {loginResult.Value.ToJsonString()}");
   
               LoginStatus.text = $"Success : {loginResult.Value.ToJsonString()} ";
           }
   
           //Enable interaction with the Button again
           OculusLoginButton.interactable = true;
       });
   
   }
   
   note

   The platform_token for Oculus Authentication is <oculus_user_id>:<nonce_value>.

5. The function sends a request to the AccelByte endpoint with the Oculus platform type and returns a callback.

Sample code testing

Now you can build and run your project. The image below shows a successful login using an Oculus Account and our test app.