Skip to main content

Requesting Consent For New Permissions

(This is a Roadmap Feature and is marked Experimental in the API documentation)

After a child is granted permission to play a game, if a permission is disabled for a certain feature, and the managedBy field is set to GUARDIAN, then it is possible for a player to request consent for this feature. In this case, the /session/upgrade API should be called to create the Consent Challenge, and a challenge window accepting the parent email address, QR code and OTP should be displayed. Parents will receive the request for access to the feature in the family portal. Since the player is only requesting the enablement of a feature, but otherwise is permitted to play the game, one option is to allow play to continue with a floating window or widget with the QR code, OTP and email address field while the request for consent is active. Another option is to block further play, but allow the player to dismiss the dialog instead of seeking consent from a parent.

Upgrading a Session with Unreal C++
// Creates a new consent challenge if the Permission is managed by GUARDIAN, and if successful, 
// calls the EnableFeature callback parameter, which can then turn on the feature in the game
void UKidWorkflow::UpgradeSession(const FString &FeatureName, TFunction<void()> EnableFeature)
{
TSharedPtr<FJsonObject> JsonObject = MakeShareable(new FJsonObject());
JsonObject->SetStringField(TEXT("sessionId"), SessionInfo->GetStringField(TEXT("sessionId")));

TSharedPtr<FJsonObject> PermJsonObject = MakeShareable(new FJsonObject());
PermJsonObject->SetStringField(TEXT("name"), FeatureName);

TArray<TSharedPtr<FJsonValue>> JsonArray;
JsonArray.Add(MakeShareable(new FJsonValueObject(PermJsonObject)));

JsonObject->SetArrayField(TEXT("requestedPermissions"), JsonArray);

FString ContentJsonString;
TSharedRef<TJsonWriter<>> Writer = TJsonWriterFactory<>::Create(&ContentJsonString);
FJsonSerializer::Serialize(JsonObject.ToSharedRef(), Writer);

HttpRequestHelper::PostRequestWithAuth(BaseUrl + TEXT("/session/upgrade"), ContentJsonString, AuthToken,
[this, EnableFeature, FeatureName](FHttpResponsePtr Response, bool bWasSuccessful)
{
if (bWasSuccessful)
{
TSharedPtr<FJsonObject> JsonResponse;
TSharedRef<TJsonReader<>> Reader = TJsonReaderFactory<>::Create(Response->GetContentAsString());
if (FJsonSerializer::Deserialize(Reader, JsonResponse))
{
if (JsonResponse->HasField(TEXT("challenge")))
{
TSharedPtr<FJsonObject> Challenge = JsonResponse->GetObjectField(TEXT("challenge"));
FString ChallengeId = Challenge->GetStringField(TEXT("challengeId"));
FString OneTimePassword = Challenge->GetStringField(TEXT("oneTimePassword"));
FString QRCodeUrl = Challenge->GetStringField(TEXT("url"));

SaveChallengeId(ChallengeId);

ShowConsentChallenge(ChallengeId, ConsentTimeoutSeconds, OneTimePassword, QRCodeUrl,
[this, EnableFeature, FeatureName](bool bConsentGranted, const FString &SessionId)
{
ClearChallengeId();
if (bConsentGranted)
{
GetSessionPermissions(SessionId, TEXT(""));
EnableFeature();
}
else
{
// request to turn on feature was denied, don't do anything
UE_LOG(LogTemp, Warning, TEXT("Feature request denied for feature %s."), *FeatureName);
}
});
}
else if (JsonResponse->HasField(TEXT("session")))
{
SessionInfo = JsonResponse->GetObjectField(TEXT("session"));
SaveSessionInfo();
EnableFeature();
}
}
}
});
}