Common errors
This section describes common errors that may be returned by the Authentication service.
SDK error codes
ClientInvalidUserState
Returned when the player is not in the expected state. For example, calling SignOut
when the player is already signed out will result in this error.
ClientNoActiveSession
Returned when trying to sign in with a session token while there is no cached session token. Refer to the Session management and PlayerPrefs sections for more information on how and where a session token is saved.
ClientUnlinkExternalIdNotFound
Returned when a player tries to unlink a social account but no external ID for that provider is found for the account. This could be because the player info has not been loaded.
ClientInvalidProfile
Returned when a player tries to switch profile but the profile name is invalid. Refer to the Profile management section for more information.
InvalidParameters
Returned when a parameter is missing or not in the right format.
AccountAlreadyLinked
Returned when a player tries to link a social account that is already linked with another player.
AccountLimitExceeded
Returned when a player tries to link a social account but this player has already reached the limit of links for that account type. Social platform account linking is typically limited to one link per platform type per player.
InvalidSessionToken
Returned when the session token is invalid.
BannedUser
Returned when the request was understood but the user has been banned from logging in.
EnvironmentMismatch
Returned when there is a mismatch between the requested environment and the one configured.
API error responses
Any errors returned by the service API are in the RFC 7807 format. For more details, refer to the RFC 7807 documentation.
When using the SDK, these errors will be logged to the console and can provide additional insights for debugging.
- status: This is the HTTP status code.
- title: This is a custom error code defined by the Authentication Service.
- detail: This is a human readable message that may include details about what the issue is. This field is intended for debugging purposes during development.
For error code paths, only determine the subsequent action using the status or title fields. Do not use the detail field to determine subsequent code paths.
If the status is in the 400-499 range, it is likely the error is on the client and most likely there are steps you can take to rectify the issue, be it in the API calls to Unity Authentication or in the authentication via Platform specific providers. Please check the API inputs to make sure they are correct.
By looking at the detail field you can find further description at the issue at hand. Below you can find the most common errors by description and the steps you can take to try and fix them.
Detail:
- token is expired
- not valid yet
- token issued at claim is in the future
Description: These errors indicate that the token is not valid at this current moment, whether it’s because the token was issued for a time period later or earlier than now.
Steps to fix:
- Refresh the external token
- Sign in or link again.
Detail:
- invalid audience
Description: This usually applies to ID Token based authentication. It indicates there is a mismatch between the application or client ID you registered with Unity Authentication and the application ID listed on the token, which is usually in the audience field.
Steps to fix:
- Check the Identity Providers section for the relevant ID provider and take note of the expected format for the application or client ID.
- Verify if the application or client ID you registered within Unity Authentication in the Editor Settings page or Unity Cloud Dashboard matches the one from your identity provider.
Note: Sometimes the ID Provider provides multiple application ids in different formats, and inputting the incorrect type will lead to this error.
Detail:
- invalid issuer
- invalid signature
Description: These errors indicate that the ID token was not issued by the expected source.
Steps to fix:
- Verify how and where the ID token was fetched from, and if it matches what Unity Authentication supports.
Detail:
- malformed token
- validation failed
- invalid token
Description: This indicates there was some issue with the token input.
Steps to fix:
- Verify if the token is the expected token type for the ID Provider.
- Verify if the token is manipulated in any way after fetching it from the ID Provider. Generally speaking, tokens should not be manipulated.
- Get a new token.
Android-specific errors
Android Network Error
SSL CA certificate Error. Only TLS version 1.2 and above are supported for Android devices. TLS 1.2 is supported by Android API levels 16+ and enabled by default on 20+.