2. Authentication


Deprecation Warning

Default and Handshake authorization methods will be deprecated in the near future.

There are three methods users are able to create an account with Versus. The authentication method can be set in VsConfig located in Versus > Resources.

Authorization Type can be toggled in the Editor via **VsConfig**.Authorization Type can be toggled in the Editor via **VsConfig**.

Authorization Type can be toggled in the Editor via VsConfig.

Default Authorization Type will walk the user through the Versus sign-up flow to register them with an email, password, and birthdate input.

Handshake Authorization Type is our third-party authentication. This will rely on an authorization URL being provided and added to our system. Please contact your account representative to setup handshake authentication.

Authless Authorization Type does not require upfront authentication. This method relies on the user's location information and collecting the user's birthdate before showing eligible challenges. Users will be gated from redeeming prizes until they have been verified with a phone number.


Testing on the Unity Editor

In order for the birthdate date picker to work in the Unity Editor, make sure that the platform selected in Build Settings is PC, Mac & Linux Standalone.

Handshake Authentication External Setup

Before the Handshake protocol can be initiated with Versus's system, there must be an authorization endpoint set up by the developer.
The endpoint should accept a token and applicationId as parameters. The token should be unique for each player. The purpose of the applicationId is for the system to be able to verify the incoming request.

An API key is optional for the authorization endpoint. If it is provided, then Versus's system will make the request to the endpoint with an authorization header.

This is an example response from the authorization endpoint.

  "id": "c112aa84-c02f-4dba-a223-ba1e6819591b",
  "email": "[email protected]"

Handshake Authentication Unity Setup

The developer only needs to provide the token to be used in the handshake. The birthdate can also be passed along with the token if the authorization endpoint does not provide this information.
Alternatively, the Versus birthdate prompt will appear to collect this needed information and perform the handshake after valid input has been received by the user.


Note: In order for the authorization protocol to succeed, the appropriate callback must be specified in the project.

A function like this must be defined:

VsAuthorizationHandshakeParams DeveloperAuthorizationHandshakeParams() {
        return new VsAuthorizationHandshakeParams {
            token = "uniqueTokenForPlayer",
            //OPTIONAL: birthdate = new DateTime(1996, 1, 1),

Notice that the only required information is the token. This defines what will be part of the request to the authorization endpoint.

After the Versus Manager has been set up, the callback can be set.

Handshake authorization flow with birthdate prompt.Handshake authorization flow with birthdate prompt.

Handshake authorization flow with birthdate prompt.


In order for authless to work as intended, a player id must be provided when initializing the Versus SDK. This is done through VersusManager.

Here is an example of initializing the Versus SDK with a player id.

VsSettings settings = new VsSettings(
    new string[] {

// * call init with the external player id

This player id must be persisted in order for players to continue challenges and view new or existing prizes.

Authless entry example shown on the Versus `HostGameExample` Scene.Authless entry example shown on the Versus `HostGameExample` Scene.

Authless entry example shown on the Versus HostGameExample Scene.

A player can join and progress in challenges without needing to provide a phone number.
When they have won their first challenge, the player will be prompted to provide a valid phone number to verify their identity. Versus Systems will check to make sure the phone number is valid and send a verification code to the device. Once they successfully verify their identity with the provided verification code, they will be able to view won prizes.

If the player decides not to verify their phone number, they will be prevented from viewing prize details in the application and will continue to be prompted to verify themselves every time they win.


Valid Phone Numbers

Versus Systems will only verify players that provide a real phone number that can receive SMS.
Providing a VOIP phone number will result in an error.

What’s Next

Prior to testing on an android or iOS device, make sure to specify location permissions.