Authentication lifecycle

Since Unity Authentication is a volatile, session-based system, the state of an authorized player changes as time goes on. The possible states of a player's authentication session are as follows:

Signed out

This is the default state of a player’s authentication session, and the state a player returns to after they successfully sign out. When signed out, a player can sign in anonymously, with an existing session token, or via a third-party service provider.

Signing in

This is an intermediate state, meaning that the player has sent a sign-in request but has not yet received a response from the server.

Authorized

When a player session becomes Authorized, the server has sent a success response and the player has successfully signed-in. From here, the player can choose to authenticate with other third-party providers via account linking, or choose to sign out.

Expired

A player's session becomes Expired when the expiry time for the retrieved authentication token has been passed. When a session has expired, the player can either choose to sign back in, or sign out.