Jump to content
McKay Development

Authorised devices


Recommended Posts

Hi, by default steam-user generates machine ID based on account name, however after some time working with this library my steam account has a lot of different "Authorised devices" on steam settings page with names like "DESKTOP-<foobar>". All the time I was using log+pass+shared secret for logon

Does machineID affect authorised devices? Does it mean that from Steam perspective every login is performed from different device? Will such behaviour affect steam account in terms of new update related to trade lock from new device?

And main question - how can I authorise from same "device" for each logon request?

Information from this block https://github.com/DoctorMcKay/node-steam-user?tab=readme-ov-file#machine-auth-tokens can be used for this purpose? How to do the same with authorisation via refresh token?

Edited by VolvoEngineering
Link to comment
Share on other sites

You're asking a few different questions, so let me clarify how Steam views "devices".

  • The machine ID that's by default generated from your account name is sent in the logon message. To my knowledge, it isn't really used for anything except maybe family sharing.
  • The "DESKTOP-xxxxxx" names you see on your authorized devices page are controlled by the machineName you supply to the logOn() method. If you don't provide one, then it's auto-generated as you see.
  • A "new device" for purposes of trading is determined by the machine auth token. If you use a previously-issued machine auth token to log on, then you won't need to provide an email Steam Guard code and it'll be counted as a previously-authorized device for purposes of trading restrictions.

Logging in with username + password is what generates a new entry in the authorized devices page. Saving and using a refresh token to login more than once is the same thing as checking the "remember me" box when you log into the Steam client; it's treated as the same session and thus isn't counted as a new device when you log in after the first time. You won't generate new entries on the authorized devices page by reusing a refresh token.

Link to comment
Share on other sites

Thanks, so if I want to keep same device i should listen to machineAuthToken event and pass this value to next logOn request.

I am curious what will happen when I will have refresh token that is nearly to expire and I'll get new one using renewRefreshToken, will machine auth token aka "new device" remains the same without additional actions for this session?

Link to comment
Share on other sites

2 hours ago, VolvoEngineering said:

I am curious what will happen when I will have refresh token that is nearly to expire and I'll get new one using renewRefreshToken, will machine auth token aka "new device" remains the same without additional actions for this session?

Yes.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...