Logo / Docs

Steam

FusionAuth Reactor logo

This feature is only available in paid plans. Please visit our pricing page to learn more.

Available since 1.28.0.

Overview

This section will cover how to add a Login with Steam button to FusionAuth. Below is an example login page with the Steam Identity Provider enabled.

Once you have completed this configuration you will be able to enable the Steam login button for one or more FusionAuth Applications. Below is an example login page with the Steam Identity Provider enabled.

Steam Login

Here's a diagram of the login flow between:

  • the user
  • your application
  • FusionAuth and
  • a remote identity provider such as Steam
User/BrowserAppFusionAuthIdentityProviderUser Is Logged In And App Can ProceedDelivering Data And FunctionalityView Initial PageClick LoginRedirect To FusionAuth Authorization URLRequest Login PageReturn Login PageClicks On 'Login With Identity Provider'Redirect To Identity Provider Authorization URLEnter CredentialsValidate CredentialsRedirect To FusionAuth With Identity Provider Authorization CodeRequests Page, Has Identity Provider Authorization CodeExchange Authorization Code ForIdentity Provider TokenReturns Identity Provider TokenStores IdentityProvider Token, CallsLambda, Creates UserAnd Registrations (IfNeeded), GeneratesFusionAuth TokensRedirect To Redirect URI With FusionAuth Authorization CodeRequest Redirect URI, Has FusionAuthAuthorization CodeRequest FusionAuth TokensReturn FusionAuth TokensCreate Session OrOtherwise Log User InUser/BrowserAppFusionAuthIdentityProvider

Logging In Using Steam

Although this looks complex, the user only sees a few screens, such as the FusionAuth login screen, the Steam login screen, and your application.

Create a Steam Account

Follow instructions for obtaining a Client id and Client secret from the Steam documentation.

Create a Steam Identity Provider

To enable this identity provider for an application, find your application name in the Applications configuration section at the bottom of this panel. You will always see the FusionAuth application, this application represents the FusionAuth administrative user interface. If you wish to be able to log into FusionAuth with this provider, you may enable this application.

In the following screenshot you will see that we have enabled this login provider for the Pied Piper application and enabled Create registration. Enabling create registration means that a user does not need to be manually registered for the application prior to using this login provider.

For example, when a new user attempts to log into Pied Piper using Steam, if their user does not exist in FusionAuth it will be created dynamically, and if the Create registration toggle has been enabled, the user will also be registered for Pied Piper and assigned any default roles assigned by the application.

If you do not wish to automatically provision a user for this application when logging in with Steam, leave Create registration off. You will need to manually register a user for this application before they may Sign in with Steam.

That's it, now the Sign in with Steam button will show up on the login page for the Pied Piper application.

Steam Home

Form Fields

Client Idrequired
The unique client identifier obtained from Steam. See Steam - Getting Started.
API modeDefaults to PublicAvailable since 1.44.0
Determines which Steam API to utilize. The possible values are:
  • Partner - The Steam partner API is used. https://partner.steam-api.com
  • Public - The public Steam API is used. https://api.steampowered.com
The only functional difference between these two APIs is that the public API is rate limited, and the partner API is not. If you are a Steam partner, you will want to set this value to Partner. Prior to version 1.44.0, the public API was always used.
Web API keyrequired
The client secret obtained from Steam used to authenticate the request. See Steam - Getting Started.
Button text
The text to be displayed in the button on the login form. This value is defaulted to Login with Steam but it may be modified to your preference.
Linking strategyDefaults to Create a pending link
The linking strategy for the Steam provider. See Linking Strategies for more.
Reconcile lambda
A lambda maps custom claims returned from Steam to the FusionAuth User or Registration. To create or configure a lambda, navigate to Customizations -> Lambdas. See the lambda documentation for more.
Debug enabledDefaults to false
Enable debug to create event log entries during the user login process. This will assist you in debugging integration issues.

Building Your Own Integration

If you are building your own login experience, you'll want to start the identity provider flow yourself and then complete the login.

You might do this if you are using the Login API rather than using the hosted FusionAuth login pages. Here's a diagram illustrating this login flow.

User/BrowserAppFusionAuthIdentityProviderUser Is Logged In And App Can ProceedDelivering Data And FunctionalityView Initial PageClick LoginDisplays Login PageIncluding Link To 'Login With Identity Provider'Clicks On 'Login With Identity Provider'Redirect To Identity Provider Authorization URLEnters CredentialsValidate CredentialsRedirect to App With Authorization CodeRequests Page, Has Authorization CodeCalls Complete LoginWith Code And Redirect URIExchanges Code AndRedirect URI For Identity Provider TokenReturns Identity Provider TokenStores IdentityProvider Token, CallsLambda, Creates UserAnd Registrations (IfNeeded), GeneratesFusionAuth TokensReturn FusionAuth TokensCreate Session OrOtherwise Log User InUser/BrowserAppFusionAuthIdentityProvider

An Integration With An Identity Provider Using The API

Completing the login is documented further in the API.

If you require a refresh token after completing the login, ensure Enable JWT Refresh is true in the application configuration. This is found in the administrative user interface by navigating to Applications -> Your Application -> Security -> Login API settings.