Hello! So I use SteamUser.GetSteamID(); to get the user ID of the current player in my app. The thing is I save each new user as an entry in my database. Following that, each new file the player creates locally is saved on my server and will be used to serve the data back and even retreive the data from the said user. First thing I do is get the steamID and save this as a new user entry and then everytime you want the user’s data, you just have to use the UserIS which pretty much everyone can use. That makes it virtually very easy for any one to know the key of a person or to randomly find one to mess with their playthrough and change the data. Is there a way in Unity to get some kind of information that would come with the SteamID to prove it is actually the right person and not only someone that happens to know the key? The validation all happens to be on my server’s-side, so this “key” (if it is a key) will never be saved and I will use a php API to compare both keys to validate identity. Also, this is not a multiplayer game.
The SteamID is just that, an ID / identification and not an authentication. You would have to use one of the methods explained here. Spcifically the Backend server example.