Xsolla-logo

Silent authentication

get/social/{cross_social_provider_name}/cross_auth

Exchanges the user JWT from Steam, Xbox, Stone, Mail.ru, or Abyss for the JWT in your project (projectId).

You will get the link to redirect the user to your project.

To enable silent authentication, use the instruction.

Request
path Parameters
cross_social_provider_name
required
string

Name of the platform the user authorized in. Can be steam, xbox, stone, mailru, abyss.

query Parameters
projectId
required
string <uuid>

Login project ID from Publisher Account.

login_url
string

URL to redirect the user to after account confirmation, successful authentication, two-factor authentication configuration, or password reset confirmation. Must be identical to the Callback URL specified in the URL block of Publisher Account. To find it, go to Login > your Login project > General settings. Required if there are several Callback URLs.

fields
Array of strings non-empty

List of parameters which must be requested from the user or social network additionally and written to the JWT. The parameters must be separated by a comma. For example, email.

When the email is requested and the social network did not respond with the email value:

  • the user will be asked to input their email in the corresponding form if you integrated Login Widget,
  • the user must be asked to input their email in the corresponding form of your own interface if you integrated Login API. Please send the URL of this form to your Account Manager.

After the email is inputted, the user receives an email confirmation message. To disable email confirmation, please contact your Account Manager.

app_id
string

Your app ID in the platform.

payload
string

Your custom data. The value of the parameter will be returned in the payload claim of the user JWT.

with_logout
string
Default: "0"

Shows whether to deactivate the existing user JWT values and activate the one generated by this call. Can have the following values:

  • 1 to deactivate the existing values and activate a new one,
  • 0 to keep the existing values activated.
session_ticket
string

Session ticket received from the platform.

code
string

Code received from the platform.

is_redirect
boolean
Default: true

Shows how the Xsolla Login server should respond. If you set:

  • true value, the Xsolla Login server returns the 302 response code. URL for user redirection with user JWT will be in the Location header.
  • false value, the Xsolla Login server returns the 200 response code. URL for user redirection with user JWT will be in the response body.
Responses
200

OK

302

Redirection

400

Bad Request

404

Not Found

422

Unprocessable Entity

429

Too Many Requests

Request samples
curl -i -X GET \
  'https://login.xsolla.com/api/social/{cross_social_provider_name}/cross_auth?projectId=497f6eca-6276-4993-bfeb-53cbbbba6f08&login_url=string&fields=string&app_id=string&payload=string&with_logout=0&session_ticket=string&code=string&is_redirect=true'
Response samples
application/json
{
  • "login_url": "string"
}