OSSv2 and auth expiration with EAS disabled

anonymous-edc · November 10, 2025, 8:39am

We are attempting to use Common User/Session Subsystems, OSSv2 w/ EAS disabled. Most things are running alright, except when the auth connection expires (after 1 hour of being logged), they get spammed with log messages.

In this [Content removed] it mentioned that we should set

EASAuthEnabled=false. Which seems to be correct for our intended use case.However, with auth disabled, the user doesn’t have an epic account id, so when this code runs in AuthEOSGS

TOnlineAsyncOpHandle<FAuthHandleConnectAuthNotifyExpirationImpl> FAuthEOSGS::HandleConnectAuthNotifyExpirationImplOp(FAuthHandleConnectAuthNotifyExpirationImpl::Params&& Params)
[...]
// When EAS is logged in use it to refresh the connect login.
if (AccountInfoEOS->EpicAccountId)
{
  // Auth has now entered degraded state for the user. Set timer to periodically attempt to reestablish full auth connection.
  InitializeConnectLoginRecoveryTimer(AccountInfoEOS);
}
else
{
  // No EAS login, notify user code to refresh connect login using external auth.
  OnAuthPendingAuthExpirationEvent.Broadcast(FAuthPendingAuthExpiration{ AccountInfoEOS });
}

It goes down the latter path and broadcasts that delegate. It looks like nothing is hooked to that delegate. So they don’t refresh their login, and then get spammed w/ packet errors.

Are we supposed to use this delegate to refresh the login?

If so, is there any guidance/suggestions on how to do that? It looks like with the way CommonUser is set up, if we wanted to refresh the login at that point, we would have to call GameInstance->Login, which looks like it would expect us to first log out. That feels like it would be disruptive to the play experience if the user had to log out fully to refresh their login (even if we did it under the hood for them. There appear to be all sorts of actions we do on logout that we shouldn’t be doing when refreshing a login (or at least not unless the refresh login fails) )

Or am I missing something, and there is a simpler way to refresh their login so they don’t get spammed w/ packets errors.

itho · November 11, 2025, 10:02am

Yes, you’ll need to register a function to handle this pending auth expiration if you’re not using Epic Account Services.

At the EOS SDK level, when you receive an “upcoming authentication expiration” notification via the EOS_Connect_AddNotifyAuthExpiration API, you’re expected to call EOS_Connect_Login again with valid third-party credentials to refresh access. You are not expected to log the user out of their current account, as this would be disruptive to the player experience.

With the plugin, the function that reacts to this event should retrieve a valid external auth token from your identity provider, and then call Login() similarly to your initial login with EOS.

FAuthLogin::Params Params;
Params.PlatformUserId = AuthPendingAuthExpirationEvent.AccountInfo->PlatformUserId;
Params.CredentialsType = LoginCredentialsType::ExternalAuth;
Params.CredentialsToken.Emplace<FExternalAuthToken>(ExternalAuthToken);
 
IOnlineServicesPtr Services = GetServices(GetWorld(), EOnlineServices::Default);
Services->GetAuthInterface()->Login(MoveTemp(Params))
.OnComplete([](const TOnlineResult<FAuthLogin>& Result)
{
    // ...
});