https://store.xsolla.com/api
In-Game Store & Buy Button API provides a third-party solution for implementing the server side for your store interface. Use the endpoints to manage in-game items, in-game currencies, cart, player inventory, promotions, game library, etc.
It can be enabled for two Xsolla products:
For more information, read Integration guide.
Xsolla API uses basic access authentication. All requests to API must
contain the Authorization: Basic <your_authorization_basic_key>
header, where your_authorization_basic_key
is the project_id:api_key
pair encoded according to the Base64 standard.
Go to Xsolla Publisher Account to find values of the parameters:
project_id
on the All projects > Project ID pageapi_key
on the Company settings > API key tab.You can use merchant_id
instead of project_id
. It doesn't affect
functionality.
To find merchant_id
, go to Company settings > Company > Merchant ID.
Security Scheme Type | HTTP |
---|---|
HTTP Authorization Scheme | basic |
By default, the Xsolla Login User JWT (Bearer token) is used for authorization. You can try calling this endpoint with a test Xsolla Login User JWT token: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE5NjIyMzQwNDgsImlzcyI6Imh0dHBzOi8vbG9naW4ueHNvbGxhLmNvbSIsImlhdCI6MTU2MjE0NzY0OCwidXNlcm5hbWUiOiJ4c29sbGEiLCJ4c29sbGFfbG9naW5fYWNjZXNzX2tleSI6IjA2SWF2ZHpDeEVHbm5aMTlpLUc5TmMxVWFfTWFZOXhTR3ZEVEY4OFE3RnMiLCJzdWIiOiJkMzQyZGFkMi05ZDU5LTExZTktYTM4NC00MjAxMGFhODAwM2YiLCJlbWFpbCI6InN1cHBvcnRAeHNvbGxhLmNvbSIsInR5cGUiOiJ4c29sbGFfbG9naW4iLCJ4c29sbGFfbG9naW5fcHJvamVjdF9pZCI6ImU2ZGZhYWM2LTc4YTgtMTFlOS05MjQ0LTQyMDEwYWE4MDAwNCIsInB1Ymxpc2hlcl9pZCI6MTU5MjR9.GCrW42OguZbLZTaoixCZgAeNLGH2xCeJHxl8u8Xn2aI
.
You can use the Pay Station access token as an alternative.
Security Scheme Type | HTTP |
---|---|
HTTP Authorization Scheme | bearer |
Bearer format | "JWT" |
When selling a cart with games or physical goods, you can call the endpoint without authorization.
To do this:
x-unauthorized-id
parameter in the header for games and physical goodsx-user
parameter (Base64 encoded) in the header for games.By default, the Xsolla Login User JWT (Bearer token) is used for authorization. You can try calling this endpoint with a test Xsolla Login User JWT token: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE5NjIyMzQwNDgsImlzcyI6Imh0dHBzOi8vbG9naW4ueHNvbGxhLmNvbSIsImlhdCI6MTU2MjE0NzY0OCwidXNlcm5hbWUiOiJ4c29sbGEiLCJ4c29sbGFfbG9naW5fYWNjZXNzX2tleSI6IjA2SWF2ZHpDeEVHbm5aMTlpLUc5TmMxVWFfTWFZOXhTR3ZEVEY4OFE3RnMiLCJzdWIiOiJkMzQyZGFkMi05ZDU5LTExZTktYTM4NC00MjAxMGFhODAwM2YiLCJlbWFpbCI6InN1cHBvcnRAeHNvbGxhLmNvbSIsInR5cGUiOiJ4c29sbGFfbG9naW4iLCJ4c29sbGFfbG9naW5fcHJvamVjdF9pZCI6ImU2ZGZhYWM2LTc4YTgtMTFlOS05MjQ0LTQyMDEwYWE4MDAwNCIsInB1Ymxpc2hlcl9pZCI6MTU5MjR9.GCrW42OguZbLZTaoixCZgAeNLGH2xCeJHxl8u8Xn2aI
.
You can use the Pay Station access token as an alternative.
Security Scheme Type | HTTP |
---|---|
HTTP Authorization Scheme | bearer |
Xsolla API uses basic access authentication. All requests to API must contain the Authorization: Basic <your_authorization_basic_key>
header, where your_authorization_basic_key
is the merchant_id:api_key
pair encoded according to the Base64 standard.
Go to Xsolla Publisher Account > Company settings to find values of the parameters:
merchant_id
on the Company tabapi_key
on the API key tab.Security Scheme Type | HTTP |
---|---|
HTTP Authorization Scheme | basic |