Protected client API and security

Hi,
What is the status regarding a protected client API, and is there any risks at the moment that a third party could access a bucket content using the public client API, or any other way?
Regards.

At the moment all content is public. We are still gathering requirements around protected content. If you have specific requirements we’d love to hear them and I can pass them along to our product managers.

Hi @hadrien23 , I’m the product manager for CCD. We’ve finally gotten around to private content. We’re brainstorming a few solutions and would love to get your thoughts:

  • Option 1 would be to provide bucket level access keys. Only users with the access keys would be able to retrieve content from CCD. We imagine this to be similar to how Github allows users to generate keys.
  • Option 2 would be to support an IP whitelist per bucket (screenshots below). Only IPs on the list would be able to access content from CCD. We imagine this solution would be in addition to Option 1.

Would either of these solutions work for your needs? Is the bucket level the right level for security?

To jump into this conversation - we are using an account system (Playfab) for all players including internal developers. At the moment our login screen is the only “protection” from excessive or unauthorized access. For us it would be ideal to have a security layer before CCD that allowed e.g. Playab and other account systems to send an auth token to CCD first.
Because the login screen is not enough, once a player has access to the CCD bucket links they can easily DDOS the whole system - or at the very least, create huge traffic.

Hi @CineTek , we’re implementing bucket level access keys. It seems that this would fit your use case. You can generate an access token that protects a private bucket. You can easily re-generate and update your clients if it gets compromises.

The only issue I can see is if you wanted to create an access token per user, which may not play well with our caching.

Do you have a sense for how many access tokens you might need to generate?

Well, connected to the account system a per-user token that is changing dynamically would be the “ideal” solution.
My concern with your approach is that the access token is still visible inside the game client and/or can be intercepted from local network which does not stop a maliciuous party from attacking the network? Unless the key cannot be intercepted

I guess, what we could do internally is figure out if we can forward/push traffic through an internal proxy which uses the playfab auth as a security step - therefore hiding the official CCD servers… .

Hi @CineTek , in case you missed the announcement on the main forum, we’ve launched Private Buckets! Private buckets protect read access to buckets with an access token, so that only those users with that access token can retrieve content from that bucket. Let us know if you have any feedback!

@ChristinaGuo Login in after a while, sorry I missed your first question. Awesome news about the new private buckets, thanks for the update!

1 Like