I would like to deploy a download server, to allow download of large files like unity addressables for instance 
The client is already authenticated on nakama, so I would to reuse the credentials for authenticating to the download server also. Is this a valid use case? and is there some kind or recommandations to know what kind of informations the client should send to the server, and then how the server validates it through nakama?
regards
Hello,
you can try to authenticate download requests through your external server by validating with a Nakama RPC using a runtime authenticate function (Nakama: Function Reference | Heroic Labs Documentation). This can be achieved with a server to server call where you would pass the client credentials (Nakama: Server Runtime Examples | Heroic Labs Documentation) to the authentication RPC.
1 Like
I had a similar case and solved it with an unconventional approach so to say. Since i trust the download server and own the full code base, i share the JWT secret defined in local.yml. This way i can verify the JWT on the download server (passed by the client via Authorization Header) without anything special.