Build a Gaming Ecosystem & SSO Setup (Part 1)

Learn how to integrate SSO authentication in your gaming ecosystem


Openfort's framework empowers you to create a cohesive gaming ecosystem. Here's a glimpse of what you can achieve:

  • Single Sign-On (SSO) Across Games: Allow players to use one account seamlessly across various games within your ecosystem.
  • Interoperability: Enable cross-game interoperability of players' game currencies and assets via their ecosystem profile's managed or connected external wallet.
  • Achievement Tracking: Offer comprehensive support for tracking soul-bound tokens such as achievements, experience points (XP), ranks, etc., across different games.
ecosystem diagram

Implementation Patterns#

Choose an implementation pattern that aligns with your ecosystem and game requirements:

Redirect Pattern#

oauth ecosystem

Ideal for web-based games or user interfaces (UIs), the Redirect Pattern navigates players to a specific page on your game's website, like a settings page.

  1. Set the redirect_uri parameter to link the "Register" or "Login" button on your game's website to the Ecosystem authorization flow page.
  2. Post successful login or registration, players will be redirected to the redirectUri set, with the authenticated player's jwtToken and player details appended to the URL, e.g., https://mygame.com/game#token=PLAYER_ACCESS_TOKEN&player=PLAYER_ID.
  3. Utilize your game's webpage logic to extract the jwtToken and player details from the URL fragment parameters to complete any remaining login/authentication processes.

Embed Pattern#

popup oauth ecosystem

The Embed Pattern is suited for mobile apps, native games, or non-web implementations, allowing for an in-app or in-game authorization flow.

  1. Exclude the redirect_uri parameter from the authorization page's query parameters to enable an in-app or in-game web browser/modal window.
  2. Players complete the specified flow (login or registration) within this embedded authorization page.
  3. Utilize a URL change listener to wait for the #jwtToken= and &player= fragment properties to be set on the URL.
  4. Extract the player's jwtToken and player details from the URL, perform any additional authorization logic needed for your game, and close the browser modal/pop-up accordingly.


Explore a functional example of creating a gaming ecosystem with Openfort on GitHub.