VolvoEngineering Posted September 20 Report Share Posted September 20 (edited) Hi, by default steam-user generates machine ID based on account name, however after some time working with this library my steam account has a lot of different "Authorised devices" on steam settings page with names like "DESKTOP-<foobar>". All the time I was using log+pass+shared secret for logon Does machineID affect authorised devices? Does it mean that from Steam perspective every login is performed from different device? Will such behaviour affect steam account in terms of new update related to trade lock from new device? And main question - how can I authorise from same "device" for each logon request? Information from this block https://github.com/DoctorMcKay/node-steam-user?tab=readme-ov-file#machine-auth-tokens can be used for this purpose? How to do the same with authorisation via refresh token? Edited September 20 by VolvoEngineering Quote Link to comment Share on other sites More sharing options...
Dr. McKay Posted September 20 Report Share Posted September 20 You're asking a few different questions, so let me clarify how Steam views "devices". The machine ID that's by default generated from your account name is sent in the logon message. To my knowledge, it isn't really used for anything except maybe family sharing. The "DESKTOP-xxxxxx" names you see on your authorized devices page are controlled by the machineName you supply to the logOn() method. If you don't provide one, then it's auto-generated as you see. A "new device" for purposes of trading is determined by the machine auth token. If you use a previously-issued machine auth token to log on, then you won't need to provide an email Steam Guard code and it'll be counted as a previously-authorized device for purposes of trading restrictions. Logging in with username + password is what generates a new entry in the authorized devices page. Saving and using a refresh token to login more than once is the same thing as checking the "remember me" box when you log into the Steam client; it's treated as the same session and thus isn't counted as a new device when you log in after the first time. You won't generate new entries on the authorized devices page by reusing a refresh token. Quote Link to comment Share on other sites More sharing options...
VolvoEngineering Posted September 23 Author Report Share Posted September 23 Thanks, so if I want to keep same device i should listen to machineAuthToken event and pass this value to next logOn request. I am curious what will happen when I will have refresh token that is nearly to expire and I'll get new one using renewRefreshToken, will machine auth token aka "new device" remains the same without additional actions for this session? Quote Link to comment Share on other sites More sharing options...
Dr. McKay Posted September 23 Report Share Posted September 23 2 hours ago, VolvoEngineering said: I am curious what will happen when I will have refresh token that is nearly to expire and I'll get new one using renewRefreshToken, will machine auth token aka "new device" remains the same without additional actions for this session? Yes. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.