We recommend that you authenticate players and securely pass the player's identity to the backend server. This enables your game to securely retrieve the player's identity and other data without being exposed to potential tampering while passing through the device.
After the player successfully signs in, you can request a unique single-use code (called server authcode) from the Play Games Services SDK. The client then passes it to the server. Then, on the server, exchange the server auth code for an OAuth 2.0 token that the server can use to make calls to the Google Play Games Services API.
For more information on how to add sign-in to your games, please see Sign-in for Android Games.
The following steps are required for offline access:
1. In the Google Play Console: Create a credential for your game server. The OAuth client type will be "web" 2. In the Android App: As part of sign in, request a server authentication code for your server credential. 3. On your game server: Exchange the server auth code for an OAuth access token using Google auth services, and then use this to call the Play Games Services REST APIs.
You will first need to add the game to Google Play Console (see Set Up Google Play Games Services) and then integrate Play Games Services sign in with your title.
Create a server-side application for your game
Google Play Game Services doesn't offer back-end support of Web games. However, it does provide back-end server support for your Android game's server.
These steps will help you use the RESTAPS for Google Play Games services within your server-side App:
1. To configure your game from the Google Play Console, visit Play Games Services > Configuration and Management > Game. 2. To be taken directly to the Add credential section, select Add credential. Select Game server as the credential type and continue onto the Authorization section. 1. If your game server already has an OAuth client ID select it from the drop down menu. Save your changes and move on to the next section. 2. If you do not have an existing OAuth client ID for your game server, you can create one. 1. Click Create OAuth Client. Follow the Create OAuth Client Identification link. 2. This will take to you to the Google Cloud Platform’s CreateOAuth ClientID page. 3. Fill out the page's form and click create. Make sure you set the Application type as Web application. 4. Return to the Authorization section in the Add Credential page. Select the OAuth client that you have created and save your changes.
Get the server auth number
To retrieve a Server Auth Code that your game can use in order to access tokens on the backend server:
Call requestServerSideAccess from the client.
1. Be sure that you use the OAuth Client ID registered for your game server and not the OAuth Client ID of your Android application. 2. (Optional) If your game server requires offline access (long lived access using a refresh token) to Play Games Services, you can set the forceRefreshToken parameter to true.
Send the OAuth auth token token to your backend server for it to be exchanged. The Player id will be verified against the Play Games Services APIs and then authenticated with the game.
Exchange the server auth code for an access token on the server
Send the server code to your backend to exchange access and refresh tokens. The access token can be used for calling the Google Play Games Services API on behalf the player. The refresh token can be stored to acquire a new one when the current access token expires.
This code snippet will show you how to implement the Java server-side Java programming language code to exchange the server authentication code for access tokens. It uses the clientserverskeleton app:
Call REST APIs directly from the server
For a complete description of API calls available, see REST APIs for Google Play Games Services.
The following are examples of REST API calls you might find useful:
Player
- Would you like to obtain the signed in player's ID? Call Players.get with 'me' as the ID.
Friends
Check out the Friends guide for more information on Friends.
- You want to retrieve the friend list of the player? Call Players.list with 'friends_all' as the collection. - Check if your friends list is accessible. Call Players.get for me, and look at the profileSettings.friendsListVisibility field in the response.
Achievements
You should also review the Achievements Guide, which provides more information about achievements.
- Want to see a list with your current achievements and milestones? You can make a call to AchievementDefinitions.list. Combine that call with one to AchievementDefinitions.list to see which achievements the player has unlocked. - Did the player achieve an achievement? Use Achievements.unlock to unlock it! - Did the player progress towards a partial accomplishment? Game servers Use Achievements.increment to report progress (and find out if the player unlocked it). - Are there games that are not yet in production? Try calling Achievements.reset or Achievements.resetAll from the Management APIs to reset achievements to their original state.
Leaderboards
Check out the Leaderboards guide for more information.
- Want to find a list all scoreboards in the game. Make a call to Leaderboards.list. - Has the player finished playing a particular game? You can submit their score to Scores.submit and find out if this is a new high score. - Want to create a leaderboard? You can use Scores.list to get the data and display it to the user. Scores.listWindow can be used to locate scores that are close to the user's highest score. Scores.get provides more information about the player’s score in a leaderboard. For example, if he is in the top 12 percent of all players, for example. - Are you debugging a game?