The AccelByte Identity and Access Management (IAM) service is a cloud-agnostic, fully containerized builds, and scalable identity and access management service for online video games that enable game studios and publishers to own their own platform and players, link player accounts to 1st party gaming and social platforms, anonymous login mechanism, ban player accounts mechanism, and provides the core security management for their games and backend services. This service is designed to be used for all access management including end-users, administrators and client applications. The AccelByte IAM follows OAuth 2.0. framework for authentication and authorization that enables a platform to be ready for the integration process by the 3rd party partners. The AccelByte IAM OAuth 2.0. model uses JWT tokens, RS256 JWT token signing, and Bloom Filter encoded token revocation lists.
AccelByte IAM features enable you to control access to critical information within your resources by regulating access to the entire platform based on the roles and permissions of each account you are managing. These features easily help you to manage your user access and management like performing a specific task such as adding a role to a user or client, banning a user and many other administrative tasks. For more information, please see AccelByte IAM features information as follows:
Authentication and Authorization
In general, Accelbyte IAM helps you easily and securely authenticate your users and authorize any action your users do, especially when you have a large number of users. The right authorization helps you to ensure who is authorized and has permission to use particular resources. Especially, there are important yet sensitive information such as passwords, email addresses, and many more crucial data to be securely maintained.
IAM supports three authentication methods for the players such as email address and password (hashed using BCrypt), anonymous login using a device ID and 3rd party platform logins such as Steam, Discord, Google, and much more.
As for the authorization, IAM is an implementation of OAuth 2.0. Authorization framework standard. It uses JWT and JWKS for achieving distributed authorization checks and using a bloom filter encoded revocation list for a better performance of token revocation operation.
The client management feature helps you to manage all of your clients who are integrating with the IAM. The feature includes updating the client data and permissions.
The account management is a one-stop feature that helps you easily manage your user accounts. This feature will help you to organize each of the accounts status, roles, account linking, and other administrative tasks. For example, you can ban a user to use particular features in your game, disconnect their 3rd party account, etc.
The roles management feature helps you to easily organize your user roles by updating anything related to roles, including the permissions, assigner and member management. Here, the roles are defined by the job competency, authority, and responsibility within the management.
Each of the features can be implemented using a direct access or API gateway implementation, so you need to fully understand about AccelByte Authentication and Authorization before getting to the how to use these endpoints.