Authorization and Consent Management

Information about the user experience of the consent flow and how users can manage permissions

In Epic Account Services (EAS), third-party applications require that you authorize consent for data access permissions before they can authenticate the user or gain access to the user data.

Brand Verification

When new applications are created for EAS, they must be verified through the Brand Application Review process. Below are details about the EAS consent.

Unverified applications are only available to users within your organization.

  • Users outside your organization asking for access receive a warning their access is restricted. They will be unable to use it.

  • Users in your organization will receive a warning that the application is unverified, but will have the option to continue to use the application. This enables your organization to iterate on the product during development.

  • If you click Continue to the App, the consent dialog displays a red banner stating that the application is unverified.

  • When the application passes a Brand Application Review, the audience restriction preventing outside users from seeing your application is removed and users get access to the consent dialog.

Requesting Consent

The consent dialog box for an EAS application is an agreement asking the end user to review information about the permissions. The end user consents to or denies consent to the terms of the EAS application. The consent screen displays the following information:

Field

Description

Application Name

The name of your application as it appears on the user's device.

Brand Logo

A 128 x 128 pixel icon representing your application.

Privacy Policy

A URL to your privacy policy.

Deleting User Account Data

As a developer, you're required to delete all of a user's account data upon their request. Or upon notification from Epic Games that a user has requested deletion of their data.

Account Services Data Privacy & Visibility

Here at Epic Games we take your privacy seriously. Our data privacy policy is designed to protect all users by requiring explicit consent for each application and for each type of data being accessed. We encourage all developers to request the minimum access necessary for their applications to function properly.

Account Data Access Requirements

When building new features in your application that will change your account data access requirements, you need to update your application settings. Afterwards, users will be asked for consent for any additional access levels. Users are able to revoke access at any time from outside of the application.

EOS SDK

The EOS SDK is built in C for a stable Application Binary Interface (ABI). It works with all applications and SDK edits can be made without having to recompile the application.