Design your game client service

We recommend that you implement a game client service that authenticates your players and communicates with the Amazon GameLift API. By implementing a custom game client service, you can:

Customize authentication for your players.
Control how Amazon GameLift matches and starts game sessions.
Use your player database for player attributes such as skill rating for matchmaking instead of trusting the client.

Using a game client service also reduces security risks introduced by game clients interacting directly with your Amazon GameLift API.

Authenticating your players

You can use Amazon Cognito and player session IDs to authenticate your game clients. To manage the lifecycle and properties of your player identities, use Amazon Cognito user pools.

If you prefer, build a custom identity solution and host it on Amazon. You can also use Lambda authorizers for custom authorization logic with API Gateway.

Additional resources:

Using identity pools (federated identities) (Amazon Cognito Developer Guide)
Getting started with user pools (Amazon Cognito Developer Guide)
How to Set Up Player Authentication with Amazon Cognito (Amazon for Games Blog)

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Plan and deploy your resources

Serverless backend