FAQ for sign in with platform specific providers

This section describes common errors that may be returned.

Any errors are returned in the RFC 7807 format. For more details, refer to the RFC 7807 documentation.

  • status: This is the HTTP status code.
  • title: This is a custom error code defined by the Authentication Service..
  • detail: This is a human readable message that may include details about what the issue is. This field is intended for debugging purposes during development.

For error code paths, only determine the subsequent action using the status or title fields. Do not use the detail field to determine subsequent code paths.

If the status is in the 400-499 range, it is likely the error is on the client and most likely there are steps you can take to rectify the issue, be it in the API calls to Unity Authentication or in the authentication via Platform specific providers. Please check the API inputs to make sure they are correct.

By looking at the detail field you can find further description at the issue at hand. Below you can find the most common errors by description and the steps you can take to try and fix them.

For all of these issues, you can check the How to use Platform-specific sign in and Identity Providers sections for more details about specific Identity Providers.


  • token is expired
  • not valid yet
  • token issued at claim is in the future

Description: These errors indicate that the token is not valid at this current moment, whether it’s because the token was issued for a time period later or earlier than now.

Steps to fix:

  1. Refresh the external token
  2. Sign in or link again.


  • invalid audience

Description: This usually applies to ID Token based authentication. It indicates there is a mismatch between the application or client ID you registered with Unity Authentication and the application ID listed on the token, which is usually in the audience field.

Steps to fix:

  1. Check the Identity Providers section for the relevant ID provider and take note of the expected format for the application or client ID.
  2. Verify if the application or client ID you registered within Unity Authentication in the Editor Settings page or Unity Cloud Dashboard matches the one from your identity provider.

Note: Sometimes the ID Provider provides multiple application ids in different formats, and inputting the incorrect type will lead to this error.


  • invalid issuer
  • invalid signature

Description: These errors indicate that the ID token was not issued by the expected source.

Steps to fix:

  1. Verify how and where the ID token was fetched from, and if it matches what Unity Authentication supports.


  • malformed token
  • validation failed
  • invalid token

Description: This indicates there was some issue with the token input.

Steps to fix:

  1. Verify if the token is the expected token type for the ID Provider.
  2. Verify if the token is manipulated in any way after fetching it from the ID Provider. Generally speaking, tokens should not be manipulated.
  3. Get a new token.