Approaches to authentication

Unity Authentication supports authenticating players anonymously and through external identity providers. The external providers can be divided into platform specific and platform agnostic providers. Each solution will have its own pros and cons depending on your use case. Refer to the Best practices section below for general guidance.

Platform specific providers include Google Play Games, Apple Game Center, Steam, and console-specific logins. Platform agnostic providers include Username & Password, Facebook, Unity Player Accounts, and OpenID Connect.

Anonymous authentication

Anonymous authentication is a platform agnostic and frictionless way to implement player authentication, similar to a guest sign-in. It doesn't require players to enter credentials or create a player profile.

On sign in the service creates a new player ID and returns the associated session token, or signs in a returning player. Refer to How to use Anonymous Sign-in and Sign in a cached player for more information.

However, anonymous authentication is not portable across devices because there is no way to re-authenticate the player from another device. To sign in to the same game with the same player profile from a different device, players must use an external identity provider.

Note: Anonymous authentication is a way to describe the process of authenticating the player without collecting or using their personally identifiable information.

External authentication

External authentication (also called third-party authentication) uses external identity providers. These identify the player based on information from an external source, either from the player directly or from the platform where the app is running. This requires you to create an identity provider configuration so that Unity Authentication can validate the player, making it possible to authenticate the same player from multiple devices. The external player identities are then linked to a Unity player ID. A player’s ID and thus experience will be consistent across devices and app installations if the player uses the same external credentials to authenticate.

Note that external identities will always be represented as being linked to a Unity player ID. The underlying Unity player ID can be created automatically by using the external provider sign-up methods in the Unity Authentication SDK, or else by using anonymous authentication first and then linking the external identity afterwards. The end result will always be a Unity player ID with one or more linked external identities. For any given external identity provider, only one identity can be linked to a given Unity player ID.

Attention: The following concerns products or services (each a “Third Party Product”) that are not developed, owned, or operated by Unity. This information might not be up-to-date or complete, and is provided to you for your information and convenience only. Your access and use of any Third Party Product is governed solely by the terms and conditions of such Third Party Product. Unity makes no express or implied representations or warranties regarding such Third Party Products, and will not be responsible or liable, directly or indirectly, for any actual or alleged damage or loss arising from your use thereof (including damage or loss arising from any content, advertising, products or other materials on or available from the provider of any Third Party Products).

Platform-specific authentication

Platform-specific external authentication providers use platform-native APIs to derive the player identity from the platform on which the app is running, and uses that to sign the player into Unity authentication. As a result it represents a form of frictionless external authentication, which is usually preferable to the non-frictionless platform-agnostic authentication solutions outlined below.

Typically the process begins when a player signs in to the platform with their email address, or their username and password. Within the app a token is then requested from the platform and sent to Unity Authentication for validation. If the token is validated successfully by the external identity provider, the token is then associated with the Unity player ID.

While the user experience of a frictionless sign in is generally excellent, platform-specific solutions might not be the best choice for advanced cross-progression requirements (tracking player state and progress across platforms).

The following platform-specific external identity providers are supported by Unity Authentication:

  • Google Play Games: Players are authenticated with their Google Play Games account credentials on Android devices. You must configure an identity provider for Unity Authentication with the OAuth Client ID for the game in order to enable Google as an external ID provider. Refer to Google Play Games sign-in.
  • Apple Game Center: Players are authenticated with their Apple Game Center credentials on iOS devices. You must configure an identity provider for Unity Authentication with the Apple Bundle ID for the game to enable Apple Game Center as an external ID provider. Refer to Apple Game Center sign-in.
  • Steam: Players are authenticated with their Steam account credentials on desktops where the Steam client is installed, running, and the player is signed in to. You must configure an identity provider for Unity Authentication with the Steam Application ID and Steam API Key for the game in order to enable Steam as an external ID provider. Refer to Steam sign-in.
  • Oculus (Meta Quest): Players are authenticated with their Oculus account credentials on an Oculus device. You must configure an identity provider for Unity Authentication with the Oculus Application ID and Client Secret for the game to enable Oculus as an external ID provider. Refer to Oculus sign-in.
  • Consoles: Unity supports console-specific logins for Xbox®, PlayStation®, and Nintendo Switch®. For more details, contact us through the Unity support portal.

Platform-agnostic authentication

External platform-agnostic authentication providers require the player to manually sign in. This typically involves the player temporarily leaving your app to authenticate themselves to the external provider in a different app or web browser, and then return to the app. As a result it represents a form of challenge-based external authentication, which is usually less preferable to the frictionless platform-specific authentication solutions outlined above.

While the user experience of having to sign in externally is usually worse, platform-agnostic solutions better support more advanced cross-progression requirements (tracking player state and progress across platforms).

The following external platform-agnostic identity providers are supported by Unity Authentication:

  • Unity Username & Password: Players authenticate with their own username and password. You must configure a Username & Password identity provider for Unity Authentication. This solution is supported directly in the Unity Authentication SDK. Refer to Username & Password.
  • Facebook: Players authenticate with their Facebook account credentials. This will use the Facebook app where available, or else the website in a web browser. You must configure an identity provider for Unity Authentication with the Facebook Application ID and Facebook Application Secret for the game to enable Facebook as an external ID provider. Unity Authentication only accepts USER token types from Facebook for authentication. Refer to Facebook sign-in.
  • Unity Player Accounts: Players authenticate with their Unity Player account credentials via the Unity Player Accounts web portal. You must configure an identity provider for Unity Authentication with the Unity Player Account Client ID for the game to enable Unity Player Account as an ID provider. This is the simplest method for integrating with the social login providers Sign in with Google and Sign in with Apple. Refer to Unity Player Accounts sign-in.
  • Google: Players authenticate with their Google account credentials. You must configure an identity provider for Unity Authentication with the OAuth Client ID for the game to enable Google as an external ID provider. Refer to Google sign-in.
  • Apple: Players authenticate on iOS devices with their Apple account credentials. You must configure an identity provider for Unity Authentication with the OAuth Client ID for the game in order to enable Apple as an external ID provider. Refer to Apple sign-in.

Bring your own identity

You can use your existing authentication system by integrating a custom authentication solution with Unity Authentication. This means that you must create an identity provider configuration for your own authentication system so that Unity Authentication can validate the player, making it possible to authenticate the same player from multiple devices.

Currently, Unity Authentication supports:

  • OpenID Connect: Authenticating your players through a custom ID provider with OpenID Connect protocol.
  • Custom ID Sign-In: Using your own game server to authenticate your players to Unity Authentication by exchanging tokens and IDs using Custom ID sign-in.

The level of user friction and platform specificity when using custom authentication will depend on how your integration is implemented.

Code-Link

Code-Link is a feature which provides uncomplicated and fast cross-platform ID support across mobile, desktop, and consoles by generating simple codes on one logged-in device that can be used to sign in on another.

With Code-Link, you can provide your players with the flexibility to move across platforms without entering their login credentials multiple times while completely avoiding third-party sign-ins. Code-Link supports both anonymous and platform-specific sign-in methods.

For example, a player can start a game anonymously on their Android device. After reaching level 2, they decide to continue progress on their console. Opening the game on their console generates a code they can enter on their Android device. Once confirmed, they can continue playing on console.

Refer to the Code-Link page for more details.

Recommended best practices

Use the following decision flow diagram to find the best authentication approach for your app.

A decision flow diagram that indicates that you can use anonymous authentication if player progress doesn't need to be persisted across devices or installations. If you do need to persist progress but you don't need to support cross progression, use a platform specific provider. If you want to support both persisted player progress and cross progression, prompt with a platform agnostic provider.

Learn more about anonymous authentication, and more about how best to manage a flow with anonymous authentication and linked external providers.

Unity logo Documentation
Copyright © 2025 Unity Technologies
"Unity", Unity logos, and other Unity trademarks are trademarks or registered trademarks of Unity Technologies or its affiliates in the U.S. and elsewhere (more info here). Other names or brands are trademarks of their respective owners.