Steam
This feature is only available in paid plans. To learn more, see our pricing page.
Available since version 1.28.0
This section explains how to add a Login with Steam button to FusionAuth. Below is an example login page with the Steam Identity Provider enabled.
Once you have completed this configuration you will be able to enable the Steam login button for one or more FusionAuth Applications. Below is an example login page with the Steam Identity Provider enabled.

Here's a diagram of the login flow between:
- the user
- your application
- FusionAuth and
- a remote identity provider
sequenceDiagram
participant User as User/Browser
participant App
participant FusionAuth
participant IdentityProvider as Provider
User ->> App : View Initial Page<br/>Click Login
App ->> User : Displays Login Page<br/>Including Link To 'Login With Provider'
User ->> App : Clicks On 'Login With Provider'
App ->> User : Redirect To Provider Authorization URL
User ->> IdentityProvider : Enters Credentials
IdentityProvider ->> IdentityProvider : Validate Credentials
IdentityProvider ->> User : Redirect to App With Authorization Code
User ->> App : Requests Page, Has Authorization Code
App ->> FusionAuth : Calls Complete Login<br/>With Code And Redirect URI
FusionAuth ->> IdentityProvider : Exchanges Code And<br/>Redirect URI For Provider Token
IdentityProvider ->> FusionAuth : Returns Provider Token
FusionAuth ->> FusionAuth : Stores Provivider Token, Calls Lambda, Creates User And Registrations (If Needed), Generates FusionAuth Tokens
FusionAuth ->> App : Return FusionAuth Tokens
App ->> App : Create Session Or<br/>Otherwise Log User In
Note over User, IdentityProvider: User Is Logged In And App Can Proceed<br/>Delivering Data And Functionality
Although this looks complex, the user only sees a few screens, such as the FusionAuth login screen, the provider login screen, and your application.
Create a Steam Account#
Follow instructions for obtaining a Client id and Client secret from the Steam documentation.
Create a Steam Identity Provider#
To enable Steam for an Application:
-
Navigate to Settings -> Identity Providers .
-
Click the Add provider dropdown and select Steam . This will take you to the Add Steam screen.
- Fill out the required fields; your identity provider can provide most of these values. For a detailed description of each field, see the documentation for Steam.
-
In the Applications configuration section at the bottom of this panel, find your application name.
-
To dynamically create FusionAuth user accounts (with default roles) for all users who successfully authenticate using this provider, select Create registration . If you disable this option, only an administrator with registration permissions can create new users for this application with access via Sign in with Steam.
- You should now see the Sign in with Steam button on the login page for the Pied Piper application.
Form Fields
IdoptionalAvailable since 1.61.0An optional UUID. When this value is omitted a unique Id will be generated automatically.
TenantoptionalAvailable since 1.62.0The tenant to which this identity provider belongs. This field only displays when the user selects a specific tenant on the previous page. When Global identity provider is selected on the previous page, this field does not display.
NamerequiredAvailable since 1.61.0A unique name to identify the identity provider. This name is for display purposes only and it can be modified later if desired.
Client IdrequiredThe unique client identifier obtained from Steam. See Steam - Getting Started.
API modeoptionalDefaults to PublicAvailable since 1.44.0Determines which Steam API to utilize. The possible values are:
Partner- The Steam partner API is used.https://partner.steam-api.comPublic- The public Steam API is used.https://api.steampowered.com
Partner. Prior to version 1.44.0, the public API was always used.
Web API keyrequiredThe client secret obtained from Steam used to authenticate the request. See Steam - Getting Started.
Button textoptionalThe text to be displayed in the button on the login form. This value is defaulted to Login with Steam but it may be modified to your preference.
Linking strategyoptionalDefaults to Create a pending linkThe linking strategy for the Steam provider. See Linking Strategies for more.
Reconcile lambdaoptionalA lambda maps custom claims returned from Steam to the FusionAuth User or Registration. To create or configure a lambda, navigate to Customizations -> Lambdas . See the lambda documentation for more.
Debug enabledoptionalDefaults to falseEnable debug to create event log entries during the user login process. This will assist you in debugging integration issues.
Building Your Own Integration#
If you are building your own login experience, you'll want to start the identity provider flow yourself and then complete the login.
You might do this if you are using the Login API rather than using the hosted FusionAuth login pages. Here's a diagram illustrating this login flow:
sequenceDiagram
participant User as User/Browser
participant App
participant FusionAuth
participant IdentityProvider as Provider
User ->> App : View Initial Page<br/>Click Login
App ->> User : Displays Login Page<br/>Including Link To 'Login With Provider'
User ->> App : Clicks On 'Login With Provider'
App ->> User : Redirect To Provider Authorization URL
User ->> IdentityProvider : Enters Credentials
IdentityProvider ->> IdentityProvider : Validate Credentials
IdentityProvider ->> User : Redirect to App With Authorization Code
User ->> App : Requests Page, Has Authorization Code
App ->> FusionAuth : Calls Complete Login<br/>With Code And Redirect URI
FusionAuth ->> IdentityProvider : Exchanges Code And<br/>Redirect URI For Provider Token
IdentityProvider ->> FusionAuth : Returns Provider Token
FusionAuth ->> FusionAuth : Stores Provider Token, Calls Lambda, Creates User And Registrations (If Needed), Generates FusionAuth Tokens
FusionAuth ->> App : Return FusionAuth Tokens
App ->> App : Create Session Or<br/>Otherwise Log User In
Note over User, IdentityProvider: User Is Logged In And App Can Proceed<br/>Delivering Data And Functionality
If you require a refresh token after completing the login, ensure Enable JWT Refresh is true in the application configuration. This is found in the administrative user interface by navigating to Applications -> Your Application -> Security -> Login API settings .