Can service web api be used?

I try to follow service account authentication doc to generate service account credential(base64 of key + secret) and used it to call ugc api, but most apis that need to be authenticated fail.

curl -X PUT \
  -H "Authorization: Basic <service-account-credential>" \
https://ugc.services.api.unity.com/v1/projects/:projectId/environments/:environmentId/content/:contentId/visibility

Calling with proper variable substitution will result failiure

{
    "status": 401,
    "title": "Unauthorized",
    "type": "https://services.docs.unity.com/docs/errors/#51",
    "requestId": "40fc4663-f97b-49ea-ad6f-15a099b6e22c",
    "detail": "Invalid Authorization header",
    "code": 51
}

Do I miss anything? Please help.

I also tried to do token-exchange, but I don’t know what scope should I use. Tried with “user_generated_content.admin.all” but it does not work, I keep getting

{
    "name": "AuthorizationError",
    "message": "The service account does not have access to all of the requested scopes.",
    "status": 403,
    "code": 53,
    "type": "https://services.docs.unity.com/docs/errors/#53"
}

But using “remote_config.configs.create”, “multiplay.allocations.create”, etc. as scopes will get me the token.

Not sure what to do at this point, as I just want to make ugc content upload during editor time. Since sdk seems only can be used at runtime, I am thinking to use api directly during editor script. But none of the api that requires auth can be used.

Hello,

When using a service account, you can only access endpoints from the Service Gateway (Admin API)
In your example, you are trying to access an endpoint in the Game Gateway (Client API)

If you retry your initial request with this URL instead : https://services.api.unity.com/ugc/v1/…
It should work.

While investigating I found that we were providing the wrong URL for our Admin API docs, which might be why you got confused. It will be fixed shortly.

This is the doc you should be using : Unity Services Web API docs

Except the base URL to call needs to be https://services.api.unity.com/ugc/v1/…

Hopefully this answers your questions.

Hey @anthonylord ,

We are having a similar problem and hoping you can help us out too.

The problem/goal:
We are trying to use the client facing Multiplay Game Server Lifecycle APIs listed here:
Unity Services Web API docs

E.g. https://multiplay.services.api.unity.com/v1/allocations/projects/{projectId}/environments/{environmentId}/fleets/{fleetId}/allocations

It is not clear to us from the documentation how authentication should be done so we’ve been trying a few approaches using a WebRequest as follows:

private IEnumerator<float> GetServersCoroutine()
    {
        byte[] keyByteArray = Encoding.UTF8.GetBytes(SERVICE_ACCOUNT_KEY_ID + ":" + SERVICE_ACCOUNT_KEY_SECRET);
        string keyBase64 = Convert.ToBase64String(keyByteArray);
        using (UnityWebRequest www = UnityWebRequest.Get(_getServersURL))
        {
            www.SetRequestHeader("Authorization", "Basic " + keyBase64);
            www.SendWebRequest();
            while (!www.isDone)
            {
                //Debug.Log($"Waiting for callback. {www.downloadProgress}");
                yield return Timing.WaitForOneFrame;
            }
            Debug.Log($"GetServers => Error: {www.error}. Bytes: {www.downloadedBytes}. Result: {www.result}");
        }      
    }

Right now:

• We’ve tried with a service account and we get ‘Not authenticated error’
• When we try with a client account, the IAuthenticationService interface has no TokenID as described here.

The question:

• When Unity says this is a Client API, should we be using a service account or client auth like ‘AuthenticationService.Instance.SignInAnonymouslyAsync’?
• Would it be possible for Unity to share a WebRequest example on how to call a Web API such as the List fleet allocations listed here?

Thank you!

Same here - did you figure this out?

Same here. I’ve tried different methods to authenticate with Unity’s API and all fail.