Implementation of authentication with express api nakama and unity

I have an Express MongoDB API, a Nakama server, and a Unity game. I’m looking to establish an authentication system where users can log in with their userId and password when they open the game. The playerLogin function is currently in my Express server. How can I integrate this login system into Nakama so that users can input their credentials from the client, which will then be forwarded to the Nakama server for a POST login request to the Express server?

Hi @Anup30giri,

Is there a reason that you want users to authenticate via the Express server? Typically the Unity client itself would authenticate directly with Nakama and store the session tokens on the device.

If your requirements are such that you must use the Express server as a middleman, you can use the Nakama JavaScript SDK from your Express server to communicate with Nakama.

We’re currently in the process of developing gambling games, such as Wheel of Fortune and Blackjack, which will be managed through an admin dashboard built in Next.js. This dashboard allows us to monitor various aspects including users, games, and bets.

In our system, player accounts can only be created by agents, not directly by the players themselves. We’re looking for an authentication solution similar to what we’ve used with Photon, where we could specify a login URL in an XML file.

While we’ve reviewed the Nakama documentation, we haven’t come across a specific solution for this scenario. We’d appreciate any guidance or suggestions on how to integrate authentication in line with our requirements.

As part of our current approach, we’re attempting to authenticate users via an HTTP request from Nakama to our Express server.

function rpcUserAuthenticate(
  ctx: nkruntime.Context,
  logger: nkruntime.Logger,
  nk: nkruntime.Nakama,
  payload: string
) {
  const method: nkruntime.RequestMethod = 'post';
  let headers = {
    'Content-Type': 'application/json',
    Accept: 'application/json',
  let body = JSON.stringify({});
  let res = {} as nkruntime.HttpResponse;
  try {
    res = nk.httpRequest(
      apiEndpoint + '/api/users/player/login',
    );`Response: ${res}`);
    return JSON.stringify({ success: true, data: res });
  } catch (error) {
    logger.error('Error logging in ', error);
    return JSON.stringify({ error });

I see. This is a non-typical approach that we do not support out of the box, so it is difficult for us to provide guidance on how you should implement this as it is highly dependant on your individual setup and circumstances. But your current approach using an RPC to call out to your authentication API seems reasonable.

Currently, my objective is to utilize the “beforeauthenticate” custom hook. This way, I plan to employ my Express API for user authentication. Subsequently, I will use the authenticateCustom function to log in to the game.
Do you think its a good approach?

Yes this is valid approach and you can see an example of this here Heroic Labs Documentation | Custom Authentication

How can i pass userId and password from unity to nakama server’s BeforeAuthenticationCustom hook?

@Anup30giri the AuthenticateCustom function expects to receive an authentication token from the identity provider, not the credentials themselves.

If you’re using your own Identity Provider (IdP), which if I understood correctly is the Express server you mention, the typical flow would be to authenticate against it directly from the client (Unity) providing the credentials and receiving an authentication token, then you’d send this token to Nakama’s AuthenticateCustom endpoint.

As in the example @tom shared, you’d need to have some custom code in BeforeAuthenticateCustom to intercept said token and authenticate it against your custom identity provider, which should return some info about the user, including a unique identifier that you then set as the In.Account.Id to tie the Nakama account to your IdP unique identifier.

Hope this helps.

Hello, I have a question. Can I update userId field?