This guide walks you through provisioning a Hytale server and completing interactive device authentication using the GlassMC Pterodactyl egg. Follow the steps in order. Do not skip steps.
Overview (Read First)
Make sure you are using the latest version of Wings. Update your wings server or Authentication will have to be manually executed every time the server starts.
Hytale Early Access servers currently require interactive device authentication.
On a fresh server, authentication must be completed once before the server can run normally.
To handle this, setup follows a three-phase bootstrap flow:
-
Offline bootstrap (initial startup)
-
Interactive device authentication
-
Authenticated operation
This is expected behavior under the current 100-session non-entitled model.
Requirements
Before you begin, ensure you have:
-
Pterodactyl Panel (PTDL_v2)
-
A server using the Hytale (GlassMC) egg
-
A UDP allocation assigned to the server (Hytale requires QUIC/UDP)
-
A valid Hytale account (for device authentication)
-
Access to the server console
Step 1: Create the Server
-
In Pterodactyl, create a new server.
-
Select the egg:
Hytale (GlassMC) -
Assign:
-
At least 4 GB RAM (recommended)
-
A UDP port allocation
-
-
Complete server creation.
Do not start the server yet.
Step 2: Set Initial Authentication Mode (Critical)
Before first boot, you must start in offline mode.
-
Go to the server Startup tab.
-
Find the variable:
-
Set its value to:
-
Save changes.
This allows the server to boot without immediately requiring an authenticated session.
Step 3: First Server Start (Bootstrap)
-
Start the server.
-
Wait for startup to complete.
At this stage:
-
The Hytale downloader will run
-
Server files will be prepared
-
The server console will become interactive
The server is not authenticated yet. This is expected.
Step 4: Perform Device Authentication
Once the server is running, authenticate it using device login.
In the server console, run:
The server will output:
-
A URL
-
A device code
Complete authentication:
-
Open the provided URL in your browser.
-
Log in with your Hytale account.
-
Enter the device code.
-
Approve the login.
Success confirmation
In the server console, you should see:
This writes authentication credentials to disk.
This step only needs to be done once per server.
Step 5: Switch to Authenticated Mode
After authentication is complete:
-
Stop the server.
-
Go back to the Startup tab.
-
Change:
-
Save changes.
-
Start the server again.
The server should now:
-
Boot normally
-
Fetch signed manifests without errors
-
Run without authentication prompts
Step 6: Verify Normal Operation
A correctly authenticated server will:
-
Start without
403 Forbiddenerrors -
Not request
/auth login deviceagain -
Reach the normal “server booted” state
At this point, setup is complete.
Common Issues & Fixes
❌ 403 Forbidden on startup
Cause: Server is not authenticated yet.
Fix:
-
Ensure you completed
/auth login device -
Ensure the server was restarted in
authenticatedmode
❌ Server crashes immediately on first boot
Cause: Missing UDP allocation or incorrect startup order.
Fix:
-
Confirm a UDP port is assigned
-
Ensure first boot was done in
offlinemode
❌ Authentication prompt appears every restart
Cause: Server was not restarted after successful auth, or auth files were deleted.
Fix:
-
Stop server
-
Set
HYTALE_AUTH_MODE=authenticated -
Start again
Decommissioning a Server (Important)
If you permanently remove a Hytale server:
-
Stop the server.
-
Delete its data directory.
-
Remove it from your inventory.
Each authenticated server counts toward your 100-session allowance, even if stopped.
Do not leave unused authenticated servers lying around.
What This Egg Does NOT Do
-
It does not provide a Hytale license
-
It does not bypass authentication
-
It does not manage session limits for you
You are responsible for compliance with Hytale Early Access terms.
Summary
First time only:
-
Start in
offline -
/auth login device -
Switch to
authenticated
After that:
The server behaves like a normal dedicated server.
