Home
- Java 17 or newer
- A permission plugin of some kind (LuckPerms, UltraPermissions, etc...)
- One of the following:
- Paper 1.19.4+
- Velocity 1.19.4+
- Bungeecord 1.19.4+
- Optional: MySQL / MariaDB
- Optional: PlaceholderAPI for placeholders.
| Command | Description |
|---|---|
/gslink or /2fa
|
Link a Minecraft account to GamerSafer, or require them to authenticate |
/gsunlink |
Unlinks the player's GamerSafer account if linked (console only) |
/gslink <playername> or /2fa <playername>
|
Link another player's Minecraft account to GamerSafer, or require them to authenticate |
/gsreload |
Reloads the plugin configuration |
Note: Other commands registered by GSAuth are used for verification purposes only.
| Permission | Description |
|---|---|
| gsauth.reload | Access to /gsreload |
| gsauth.verify | Access to /gslink or /2fa
|
| gsauth.verify.other | Allow to target other players with /gslink <playername> or /2fa <playername>
|
| gsauth.verify.required | If a player has this permission they will be required to authenticate/link their account when joining their server. |
When a player is given the gsauth.verify.required permission, they will be required to complete authentication before being able to do certain things on your server. This can be configured in the when-player-is-not-verified: sections in your config.yml in both your proxy and standalone server.
This indicates the process of linking your Minecraft account with your GamerSafer account. This is done by first scanning a QR code in the app, which is presented from an in-game menu. You will first be presented with a confirmation.
Example linking menu process
Once you have completed the scanning, by clicking on the Emerald Block GSAuth will confirm your authentication.
This indicates the process of authenticating your already linked GamerSafer account. This is to ensure that you are truly the person using your current Minecraft account. This is done by authenticating via the GamerSafer app, which is done by interacting with the prompted notification.
Example authentication menu
When completing the verification via the GamerSafer app, you must click on the Click to Confirm text to confirm your verification.
Many of the gui elements used in authentication are highly customizable.
For information on how to configure these menus, see the config guide.
If I run a proxy network, do I need to install the GSAuth plugin on every server?
Not necessarily. The GSAuth plugin installed on your proxy will communicate with other installs of the GSAuth plugin.
When you install GSAuth on your network, you have three options:
- Install the plugin on your Proxy and on every server on that network
- Install the plugin on your Proxy and on the Hub servers on that network
- Install the plugin in standalone mode on every individual server on the network
The second option is commonly chosen since many networks have just a few Hub servers that all players are forced onto. If players have to authenticate before they can warp to another server on the network, then the network can be protected with minimal plugin installs and configurations.
Make sure to set single-server: false in config.yml if you are installing the plugin on the proxy.
Will GSAuth work on a reverse proxy?
A reverse-proxy setup should work fine.
What information is sent over the API calls from the server to GamerSafer?
- No chat logs or gameplay interactions outside of the account linking process are sent to GamerSafer via the GSAuth for Minecraft plugin
- UUID and username of the Minecraft account to validate and link to the player's GamerSafer profile
- Timestamp of when the authentication and verification requests occur
What information is sent over the API calls back to the server?
- No Personal Identifiable Information (PII) is sent back to the Minecraft server
- Unique QR code payload with Guild ID attached so the GS app can invite the player to join
- Success of player authentication and guild acceptance with the app
- UUID during the guild invite process so we can match the generated QR code with the player
- A success or fail response if the player has been authenticated/linked
- guildMemberId of the player (generated after the guild invite is accepted - we don't send the actual username, but instead a unique ID specific to your Guild, so even if someone was able to see the list of guildMemberIds on your server they wouldn't know the GamerSafer profile it's connected to)
- Our confidence level on whether they are a minor, teen, or adult - for example, if they say they are a minor but our AI believes they are not a minor. We do not send the actual age or other contact or personal data
- In the future we'll send player gaming preferences that they can optionally set in our app which your server can use to tailor features and content for them
What information does GamerSafer receive and store when I create my profile in the app?
- For more detailed information, you can view our Privacy Policy or contact us
- Our app is installed by many gamers from all around the world with many different kinds of devices. In order to support those devices, especially older smartphones, our app may send some additional information such as selfie image, network connectivity info, IP addresses, and device model to help us properly process the authentication and verification requests. This is important for older devices to be able to use our service and allow the players to be checked against fraudulent, impersonation, or scam activities with strong confidence. Verification selfies are not stored on any dedicated GamerSafer servers without expressed consent from the user for support purposes on an individual basis in compliance with global privacy laws and and data minimization best practices.