Adapted by Better-Auth in a PR
Better-Auth currently does not have a Steam provider. If you've used Steam authentication before, you may understand why. It doesn't exactly comply with OAuth or OIDC standards. For example
- Steam Authentiation does not respect state.
- Steam does not require a Client ID or Client Secret, or even require an Application registration with redirect whitelisting.
- Steam does not have an OIDC endpoint, you must use your own API Key to make requests to the
ISteamUser/GetPlayerSummaries/v002/api once recieving the callback from steam. - Steam does not return an email address, as we retrieve the user profile from a 'public' endpoint - as to say we only have access to what would otherwise be visible from the users steamcommunity/profile page.