Xsolla-logoXsolla Developers
or
To Publisher Account

[OAuth 2.0] Auth via social network Client-side

get/oauth2/social/{provider_name}/login_redirect

Redirects the user to the page for authentication via the specified social network.

Request
path Parameters
provider_name
required
string

Name of the social network connected to Login in Publisher Account. Can be: amazon, apple, babka, baidu, battlenet, discord, epicgames, facebook, github, google,kakao, linkedin, mailru, microsoft, msn, naver, ok, paypal, qq, reddit, steam, twitch, twitter, vimeo,vk, wechat, weibo, xbox, yahoo, yandex, youtube.

If you store user data in PlayFab, only twitch is available.

query Parameters
client_id
required
integer

Your application ID. Get it after creating an OAuth 2.0 client.

state
required
string

Value used for additional user verification. Often used to mitigate CSRF Attacks. The value will be returned in the response. Must be longer than 8 symbols.

response_type
required
string

Grant type used in your project that has the enabled OAuth 2.0 protocol. Must be code to get the user authentication code in the response. The received code must be exchanged to a JWT via the Generate JWT call to finish user authentication.

redirect_uri
string

URL to redirect the user to after account confirmation, successful authentication, or password reset confirmation. To set up this parameter, contact your Customer Success Manager or email to csm@xsolla.com.

Notice
The parameter is required if you have more than one redirect URI in your project settings.
scope
string

Scope is a mechanism in OAuth 2.0 to limit an application’s access to a user’s account.

Can be:

  • email for Auth via social network or Get link for social auth calls to request an email from the user additionally.
  • offline to use refresh_token from Generate JWT call to refresh the JWT when it is expired.
  • playfab to write SessionTicket to the session_ticket claim of the JWT if you store user data at PlayFab.

If you process your own values of the scope parameter, that are not mentioned above, you can set them when using this call. The Xsolla Login server does not process these values, but returns them in the received JWT.

When the email is requested and the social network did not respond with the email value:

  • the user will be asked to input an email in the corresponding form if you integrated Login Widget,
  • the user must be asked to input an email in the corresponding form of your own interface if you integrated Login API. Please send the URL of this form to your Customer Success Manager.

After the email is inputted, the user receives an email confirmation message. To disable email confirmation, please contact your Customer Success Manager.

locale
string >= 2 characters

Region in the <language code>_<country code> format, where:

The list of social networks will be sorted from most to least used, according to the variable value.

phone_only
boolean
Default: false

Arrange xsolla wallet form behaivior values:

  • true show only passwordless by phone,
  • false all auth methods.
Responses
302

Redirection

400

Bad Request

401

Bad Request

404

Not Found

422

Unprocessable Entity

429

Too Many Requests

Request samples 
curl --request GET \
  --url 'https://login.xsolla.com/api/oauth2/social/{provider_name}/login_redirect?redirect_uri=SOME_STRING_VALUE&client_id=SOME_INTEGER_VALUE&scope=SOME_STRING_VALUE&state=SOME_STRING_VALUE&response_type=SOME_STRING_VALUE&locale=SOME_STRING_VALUE&phone_only=false'
Response samples
{
  • "error": {
    }
}
System statusAll services operational

Privacy Settings

Privacy PolicyEnd User License Agreement© 2006–2025 Xsolla Inc.