Docs

Getting Started

Provider Setup Guide

Oathwall acts as a secure middleware between your game and OAuth providers. You bring your own credentials — we handle the entire auth flow, token rotation, and session management.

This guide covers two things: how to get the credentials you need from each provider's developer console, and how to add them to your Oathwall app through the dashboard.

Providers10 supported

Avg. Setup Time~5 min per provider

Backend RequiredNone

Pick a provider to set up

Why bring your own credentials? We never share your players' data with other apps on our platform. Each provider account is yours — you own the OAuth app, we just run the flow.

Google

OAuth 2.0 · Google Cloud Console

Google Sign-In uses OAuth 2.0. You'll create credentials in the Google Cloud Console and end up with a Client ID and a Client Secret.

~5 min setupEasyMost popular

Required fields

Field	Description	Example
`Client ID`	Your OAuth 2.0 client identifier.	`123456789-abc.apps.googleusercontent.com`
`Client Secret`	The secret paired with your Client ID.	`GOCSPX-xxxxxxxxxxxx`

Step-by-step

Open Google Cloud Console

Go to console.cloud.google.com and sign in with your Google account.

Create or select a project

Click the project dropdown at the top left and either select an existing project or click New Project. Give it a name that identifies your game.

Configure the OAuth consent screen

Navigate to APIs & Services → OAuth consent screen and complete the setup.

Choose External as the user type.
Fill in the app name, support email, and developer contact email.
Add scopes: openid, email, profile.

Add the Oathwall redirect URI

Under Authorized redirect URIs, click Add URI and enter:

https://sso.oathwall.com/auth/callback

The redirect URI must match exactly — including the protocol and no trailing slash. Google will reject requests with a different URI.

Copy your credentials

Click Create. A dialog will show your Client ID and Client Secret. Copy both — you'll paste them into the Oathwall dashboard.

You can always retrieve the Client ID from the Credentials list page. However, to see the Client Secret again you'll need to click the credential and show it.

Facebook

OAuth 2.0 · Meta for Developers

Facebook Login is part of the Meta for Developers platform. You'll create a Meta App to get an App ID and App Secret.

~5 min setupEasyPopular

Required fields

Field	Description	Example
`App ID`	Your Meta app identifier (public).	`1234567890123456`
`App Secret`	The secret paired with your App ID.	`abc123def456...`

Step-by-step

Open Meta for Developers

Go to developers.facebook.com and log in with a Facebook account that has developer access.

Create a new app

Click My Apps → Create App. Choose Consumer for games targeting regular users, or Business if under a business portfolio.

Add Facebook Login and set the redirect URI

Add the Facebook Login product, then go to Facebook Login → Settings and add under Valid OAuth Redirect URIs:

https://sso.oathwall.com/auth/callback

Copy your credentials

Navigate to Settings → Basic. Copy your App ID and click Show next to App Secret to reveal it.

Your app will be in Development mode by default. To allow all users, switch to Live — Meta will ask for a privacy policy URL and app icon.

Discord

OAuth 2.0 · Discord Developer Portal

Discord uses standard OAuth 2.0. You'll create an application in the Discord Developer Portal and get a Client ID and a Client Secret.

~5 min setupEasy

Required fields

Field	Description	Example
`Client ID`	Your Discord application ID.	`1234567890123456789`
`Client Secret`	The secret associated with your application.	`aBcDeFgHiJkLmNoPqRsTuV`

Step-by-step

Open the Discord Developer Portal

Go to discord.com/developers/applications and log in.

Create a new application

Click New Application, give it a name, and click Create.

Add the redirect URI

In the left sidebar, go to OAuth2. Under Redirects, click Add Redirect and enter:

https://sso.oathwall.com/auth/callback

Click Save Changes.

Copy your credentials

Still on the OAuth2 page, copy your Client ID. Click Reset Secret to generate and reveal your Client Secret.

The Client Secret is only shown once after resetting. Copy it before leaving the page.

Apple

Sign in with Apple is required for any iOS app that offers third-party login. You'll need a Services ID, a private key (.p8 file), your Team ID, and the Key ID.

~15 min setupModerateRequired for iOS

An Apple Developer Program membership ($99/year) is required. Individual or Organization accounts both work.

Required fields

Field	Description	Example
`Client ID`	Your Services ID identifier (not the Bundle ID).	`com.yourstudio.yourgame.auth`
`Team ID`	Found top-right in the Apple Developer portal.	`ABC123DEF4`
`Key ID`	The identifier of the Sign in with Apple key.	`XYZKEY1234`
`Private Key`	Contents of the .p8 file downloaded from Apple.	`-----BEGIN PRIVATE KEY----- ...`

Step-by-step

Open Apple Developer portal

Go to developer.apple.com/account and note your Team ID in the top-right corner.

Register an App ID with Sign In with Apple

Go to Identifiers → + → App IDs. Fill in Bundle ID, then scroll to Capabilities and check Sign In with Apple.

Create a Services ID

Go to Identifiers → + → Services IDs. The identifier becomes yourClient ID in Oathwall (e.g. com.yourstudio.yourgame.auth).

Configure the Services ID with the redirect URI

Click the Services ID, enable Sign In with Apple → Configure, select your App ID, and add under Return URLs:

https://sso.oathwall.com/auth/callback

Create a Sign in with Apple key and download the .p8 file

Go to Keys → + . Enable Sign In with Apple, register the key, then Download the .p8 file immediately — it cannot be re-downloaded.

Store the .p8 file securely. If lost, you'll need to create a new key and revoke the old one.

Gather all four values

Client ID — the Services ID identifier
Team ID — top-right of the Developer portal
Key ID — shown on the Keys page
Private Key — the full contents of the .p8 file

Steam

OpenID 2.0 · Steamworks

Steam uses OpenID 2.0 instead of OAuth 2.0 — there is no client secret or code exchange. Authentication is verified server-side using a Steam Web API Key, making Steam the simplest provider to set up.

~3 min setupEasyGame-focused

Required fields

Field	Description	Example
`API Key`	Your Steam Web API Key, used to verify logins server-side. Goes in the Client Secret field.	`A1B2C3D4E5F6...`

Because Steam uses OpenID 2.0, there's no Client ID. The API Key goes into the Client Secret field in Oathwall.

Step-by-step

Register for a Steam Web API Key

Go to steamcommunity.com/dev/apikey . Sign in, enter a domain name, and click Register.

The Steam API Key is tied to the Steam account that registered it. Use a dedicated developer account rather than a personal one.

Copy your API Key

Your Steam Web API Key is displayed on the same page. Copy it — this is what you'll paste into Oathwall as the Client Secret.

GitHub

OAuth 2.0 · GitHub Settings

GitHub uses OAuth Apps for third-party login. Register an OAuth App under your GitHub account and get a Client ID and Client Secret.

~3 min setupEasy

Required fields

Field	Description	Example
`Client ID`	Your GitHub OAuth App client identifier.	`Iv1.a1b2c3d4e5f6g7h8`
`Client Secret`	The secret paired with your Client ID.	`abc123def456...`

Step-by-step

Open GitHub Developer Settings

Go to github.com/settings/developers and select OAuth Apps.

Register a new OAuth App

Click New OAuth App and fill in the details:

Application name: your game's name
Homepage URL: your game's website
Authorization callback URL:

https://sso.oathwall.com/auth/callback

Click Register application.

Generate and copy your Client Secret

On the app page, copy your Client ID. Click Generate a new client secret — copy it immediately.

GitHub only shows the Client Secret once, right after generation. If you lose it, you'll need to generate a new one.

Epic Games

OAuth 2.0 · Epic Developer Portal

Epic Games uses OAuth 2.0 with PKCE — Oathwall handles the PKCE flow automatically. You only need a Client ID and Client Secret from the Epic Developer Portal.

~10 min setupModerate

Required fields

Field	Description	Example
`Client ID`	Your Epic OAuth client identifier.	`xyza7891AbCdEfGhIjKlMnOpQrStUvWx`
`Client Secret`	The secret paired with your Client ID.	`AbCdEfGhIjKlMnOpQrStUvWxYz123456`

Step-by-step

Open the Epic Developer Portal

Go to dev.epicgames.com/portal and sign in. Select your product and navigate to Epic Account Services.

Create an OAuth client

Under Clients, click Add new client. Set the policy to Confidential and add the redirect URI:

https://sso.oathwall.com/auth/callback

Copy your credentials

Save the client. Your Client ID and Client Secret are shown in the client detail page.

Oathwall uses PKCE automatically for Epic Games — no extra configuration needed.

Twitch

OAuth 2.0 · Twitch Developer Console

Twitch uses standard OAuth 2.0. Register an application in the Twitch Developer Console to get a Client ID and Client Secret.

~5 min setupEasy

Required fields

Field	Description	Example
`Client ID`	Your Twitch application client ID.	`abc123def456ghi789jkl012`
`Client Secret`	The secret paired with your Client ID.	`xyz987uvw654tsr321...`

Step-by-step

Open the Twitch Developer Console

Go to dev.twitch.tv/console . Note: 2FA must be enabled on your Twitch account.

Register a new application

Click Register Your Application and add the redirect URI:

https://sso.oathwall.com/auth/callback

Choose category Game Integration and click Create.

Copy your credentials

Click Manage on your app. Copy the Client ID, then click New Secret to generate and copy the Client Secret.

Twitter / X

OAuth 2.0 · Twitter Developer Portal

Twitter/X uses OAuth 2.0 with PKCE — Oathwall handles the PKCE flow for you. A free Twitter Developer account is sufficient to get a Client ID and Client Secret.

~10 min setupModerate

A free Twitter Developer account is sufficient. You don't need elevated access for basic OAuth login.

Required fields

Field	Description	Example
`Client ID`	Your Twitter OAuth 2.0 client ID.	`AbCdEfGhIjKlMnOpQrStUvWx`
`Client Secret`	The secret paired with your Client ID.	`xyz987654321uvw...`

Step-by-step

Open the Twitter Developer Portal

Go to developer.twitter.com and create a developer account if you don't have one.

Enable OAuth 2.0 and add the redirect URI

In your app's User authentication settings, enable OAuth 2.0, set App type to Web App, Automated App or Bot, and add the callback URI:

https://sso.oathwall.com/auth/callback

Copy your credentials

After saving, Twitter displays your Client ID and Client Secret. Copy them — the secret won't be shown again.

The Client Secret is shown only once. If lost, you'll need to regenerate it.

Microsoft

OAuth 2.0 · Azure Portal

Microsoft Sign-In is powered by Azure Active Directory. Register an application in the Azure portal to get a Client ID and Client Secret. Oathwall uses the common tenant — supports personal and work/school Microsoft accounts.

~15 min setupModerate

Required fields

Field	Description	Example
`Client ID`	The Application (client) ID from Azure.	`a1b2c3d4-e5f6-7890-abcd-ef1234567890`
`Client Secret`	A client secret value you create in Azure.	`AbC~1dEfGhIjKlMnOpQrStUvWx2YzZ3`

Step-by-step

Open Azure App Registrations

Go to the Azure App Registrations page .

Register a new application

Click New registration. Choose Accounts in any organizational directory and personal Microsoft accounts, and add the redirect URI:

https://sso.oathwall.com/auth/callback

Click Register.

Create a client secret

Copy the Application (client) ID from the overview page. Then go to Certificates & secrets → New client secret, add it, and copy the Value immediately.

Azure hides the secret value once you navigate away. When a secret expires, create a new one and update it in the Oathwall dashboard.

Dashboard Setup

Adding a Provider

Once you have your credentials, adding them to your Oathwall app takes under a minute. Each app manages its own set of providers independently.

Open your app in the dashboard

Go to the Providers tab

Inside your app's detail page, click the Providers tab. Unconfigured providers appear greyed out.

Click Configure on a provider

Find the provider you want to enable and click Configure. A panel will appear with the fields specific to that provider.

Fill in your credentials and save

Paste the values you collected from the provider's developer console and click Save.

Changes take effect immediately — no deployment required. Your Unity SDK picks up the new provider on the next GET /app-config/login-config/:appKey call.

Dashboard Setup

Redirect URIs

Every OAuth provider requires you to whitelist the URL it will redirect to after authentication. All Oathwall callbacks go through the same endpoint.

OAuth callback URL

https://sso.oathwall.com/auth/callback

Provider-specific notes

Google

Add as an Authorized redirect URI in your OAuth client settings. Uses GET.

Facebook

Add under Facebook Login → Settings → Valid OAuth Redirect URIs. Uses GET.

Apple

Add as a Return URL in your Services ID configuration. Apple uses POST (form_post response mode).

Steam

No configuration needed. Steam OpenID uses the openid.return_to parameter dynamically.

Discord

Add under OAuth2 → Redirects in your application settings. Uses GET.

GitHub

Set as the Authorization callback URL when registering your OAuth App. Uses GET.

Epic Games

Add under Redirect URIs in your OAuth client settings. Uses GET.

Twitch

Add under OAuth Redirect URLs when registering your application. Uses GET.

Twitter / X

Add as a Callback URI in User authentication settings. Uses GET.

Microsoft

Add as a Web redirect URI in Authentication settings of your Azure app registration. Uses GET.

After the OAuth flow completes, Oathwall redirects the player to sso.oathwall.com/public/auth/redirect.html with a short-lived ticket. Your game calls POST /auth/consume with the ticket to receive access and refresh tokens.