Basic Game Setup

Set up Network Storage in your s&box game from scratch. Install the library, create a project, configure collections, and implement basic data operations.

Install from s&box GitHub source
YAML Source is the Network Storage authoring standard.
Use the s&box Library Manager install for auto-updates. GitHub is best for agents, source review, contributions, and manual installs.
1 Install Network Storage Library 2 Create a Project & Configure Credentials 3 Create Collections 4 Sync with Network Storage 5 Set Up s&box Auth (Optional but Recommended) 6 Basic Data Operations
Step 5 of 6
5

Set Up s&box Auth (Optional but Recommended)

s&box Auth verifies that API requests come from real s&box players. It prevents identity spoofing and forged requests. This step is optional for development, but strongly recommended before publishing.

## Why Use Auth?

Without auth, anyone who knows your API key and a Steam ID can make requests as that player. With auth, every request is verified against Facepunch's servers to confirm the player's identity.

| Without Auth | With Auth |
|-------------|-----------|
| Requests are trusted as-is | Requests are verified via Facepunch |
| Anyone with the API key can make requests | Only real s&box players can make requests |
| Fine for prototyping | Required for production |

## Enable Auth

1. Go to your project on the [Network Storage dashboard](/tools/network-storage)
2. Open **Project Settings**
3. Toggle **s&box Auth** on
4. Click **Save**

That is it. Every request to this project now requires a valid auth token.

## How It Works in Your Code

**The library handles auth automatically.** When s&box Auth is enabled, the library calls `Services.Auth.GetToken("sbox-network-storage")` internally and attaches the token to every request. No code changes needed.

```csharp
// Auth is handled behind the scenes — same code with or without auth
var result = await NetworkStorage.CallEndpoint( "report-kill", new {
    target = "goblin"
} );
```

You do not need to generate tokens, pass Steam IDs, or modify your API calls. The library does it all.

## Skip Auth for Now

If you want to get your game working first and add auth later:

1. Leave **s&box Auth** disabled in project settings
2. Build and test your endpoints
3. Enable auth when you are ready to publish

Your game code does not change when you toggle auth on or off.

## Handling Auth Errors

If auth fails, the library returns `null` from `CallEndpoint`:

```csharp
var result = await NetworkStorage.CallEndpoint( "add-gold", new { amount = 100 } );

if ( !result.HasValue )
{
    // Could be auth failure, network error, or endpoint error
    // Check the s&box console for [NetworkStorage] log messages
    Log.Warning( "Request failed" );
    return;
}
```

The library logs detailed error information to the s&box console, including the error code (`SBOX_AUTH_FAILED`), the endpoint URL, and request details.

## Auth Readiness

```csharp
if ( await NetworkStorage.EnsureEndpointAuthAsync( "report-kill" ) )
{
    var result = await NetworkStorage.CallEndpoint( "report-kill", new { target = "training_dummy" } );
}
```

The library fetches single-use auth tokens internally and attaches them to each endpoint call.
Tips & Troubleshooting 

> **Tip:** Always test with auth disabled first to isolate endpoint logic from auth issues. Once your endpoints work, enable auth and verify everything still works from within s&box. Auth tokens can only be generated inside the s&box engine, so use the library or dashboard test tools for auth-enabled testing.

> For the full auth reference including error codes, security layers, and advanced configuration, see the [s&box Auth documentation](/wiki/network-storage-v3/sbox-auth).
Read full documentation for this topic
Previous
Sync with Network Storage
Step 4
Next
Basic Data Operations
Step 6