Share via


Authentication - Set Player Secret

Sets or resets the player's secret. Player secrets are used to sign API requests.

POST https://titleId.playfabapi.com/Admin/SetPlayerSecret

Request Header

Name Required Type Description
X-SecretKey True

string

This API requires a title secret key, available to title admins, from PlayFab Game Manager.

Request Body

Name Required Type Description
PlayFabId True

string

Unique PlayFab assigned ID of the user on whom the operation will be performed.

PlayerSecret

string

Player secret that is used to verify API request signatures (Enterprise Only).

Responses

Name Type Description
200 OK

SetPlayerSecretResult

400 Bad Request

ApiErrorWrapper

This is the outer wrapper for all responses with errors

Security

X-SecretKey

This API requires a title secret key, available to title admins, from PlayFab Game Manager.

Type: apiKey
In: header

Definitions

Name Description
ApiErrorWrapper

The basic wrapper around every failed API response

SetPlayerSecretRequest

APIs that require signatures require that the player have a configured Player Secret Key that is used to sign all requests. Players that don't have a secret will be blocked from making API calls until it is configured. To create a signature header add a SHA256 hashed string containing UTF8 encoded JSON body as it will be sent to the server, the current time in UTC formatted to ISO 8601, and the players secret formatted as 'body.date.secret'. Place the resulting hash into the header X-PlayFab-Signature, along with a header X-PlayFab-Timestamp of the same UTC timestamp used in the signature.

SetPlayerSecretResult

ApiErrorWrapper

The basic wrapper around every failed API response

Name Type Description
code

integer

Numerical HTTP code

error

string

Playfab error code

errorCode

integer

Numerical PlayFab error code

errorDetails

object

Detailed description of individual issues with the request object

errorMessage

string

Description for the PlayFab errorCode

status

string

String HTTP code

SetPlayerSecretRequest

APIs that require signatures require that the player have a configured Player Secret Key that is used to sign all requests. Players that don't have a secret will be blocked from making API calls until it is configured. To create a signature header add a SHA256 hashed string containing UTF8 encoded JSON body as it will be sent to the server, the current time in UTC formatted to ISO 8601, and the players secret formatted as 'body.date.secret'. Place the resulting hash into the header X-PlayFab-Signature, along with a header X-PlayFab-Timestamp of the same UTC timestamp used in the signature.

Name Type Description
PlayFabId

string

Unique PlayFab assigned ID of the user on whom the operation will be performed.

PlayerSecret

string

Player secret that is used to verify API request signatures (Enterprise Only).

SetPlayerSecretResult