Returning Players

Returning Players

The full authentication process is only required the first time a Player uses String through a particular Game. Players will remain logged-in until their session expires.

String uses a streamlined process to log-in a returning Player. Simply request a new Signature Payload and the Player can log-in by signing with their private key. A Platform that has enabled Integrated Authentication may sign on behalf of a Player.

A Signature Payload sent to directly to a Player using Metamask.  
Signing this message creates a Player Identity with String, or logs-in a returning user.

A returning user whose session expires simply needs to sign-in with their wallet.

Returning Player, Same Device

A verified Player identity will remain "logged-in" and able to transact until their session expires. A session for a Player using the same wallet on the same device will generally last for 30 days or until otherwise canceled (i.e. a Player using a browser wallet deletes their cookies).

A returning Player whose session expires may log back in with their wallet by signing a new Signature Request payload (or logging-in to the Game, which signs the payload on behalf of the Player). String will send a Signature Request to a Player's wallet any time it receives a wallet address associated with an existing Player identity that does not have an active session.

Returning Players on the same device do not need to re-verify their email address.

Returning Players on the same device need only sign-in with their wallet.

Returning Players on the same device need only sign-in with their wallet.

📘

Authentication Types

Remember, if you're using Integrated Authentication you sign-in on behalf of your returning Player's by (1) ensuring they are logged-in to your Game and (2) signing the Signature Request with the private key associated with that Player's account.

Returning Player, New Device

If a returning Player logs-in from a new device, or if String otherwise detects suspicious activity, the Player will need to verify both their wallet and their email address by signing a Signature Request payload and re-verifying their email.

Returning Player on new devices should verify both their wallet and email to log-in.

Returning Player on new devices should verify both their wallet and email to log-in.

Saved Payment Methods

When you log-in a returning Player, the SDK will return the Player's saved payment information from /cards. For String Direct and String Unity, the API will return the last 4 digits of the Player's payment method, as well as the card brand (i.e. Visa). String Checkout will show this information to the Player within the UI. The Player will need to reenter their CVV number in order to execute a new transaction.