Xsolla-logoXsolla Developers
or
To Publisher Account

[OAuth2.0] Register new user Client-side

post/oauth2/user

Creates a new user.

  • If you store user data at Xsolla or in custom storage, the user will receive an account confirmation email.
  • If you store user data at PlayFab, you can set up sending the account confirmation email to the user. Use the PlayFab instruction for this.
  • If you store user data at Firebase, the user will receive an account confirmation message from Firebase side.

See the Comparison of user data storages page for more information about user data storages.

Request
query Parameters
response_type
required
string

Grant type used in your project that has the enabled OAuth 2.0 protocol. Must be code to get the user authentication code in the response. The received code must be exchanged to a JWT via the Generate JWT call to finish user authentication.

client_id
required
integer

Your application ID. Get it after creating an OAuth 2.0 client.

state
required
string

Value used for additional user verification. Often used to mitigate CSRF Attacks. The value will be returned in the response. Must be longer than 8 symbols.

scope
string

Scope is a mechanism in OAuth 2.0 to limit an application’s access to a user’s account.

Can be:

  • email for Auth via social network or Get link for social auth calls to request an email from the user additionally.
  • offline to use refresh_token from Generate JWT call to refresh the JWT when it is expired.
  • playfab to write SessionTicket to the session_ticket claim of the JWT if you store user data at PlayFab.

If you process your own values of the scope parameter, that are not mentioned above, you can set them when using this call. The Xsolla Login server does not process these values, but returns them in the received JWT.

audience
string

Identification parameter of the application the token was issued for. Parameter value will be passed in the aud JWT field.

redirect_uri
string

URL to redirect the user to after account confirmation, successful authentication, or password reset confirmation. To set up this parameter, contact your Customer Success Manager or email to csm@xsolla.com.

Notice
The parameter is required if you have more than one redirect URI in your project settings.
payload
string

Your custom data. The value of the parameter will be returned in the payload claim of the user JWT. Recommended maximum length less than 500 characters. Note, that this parameter is only available if you use a custom user data storage.

Request Body schema: application/json
username
required
string [ 3 .. 255 ] characters

Username.

password
required
string [ 6 .. 100 ] characters

User password.

email
required
string [ 1 .. 255 ] characters

User email address.

accept_consent
boolean

Whether the user gave consent to processing of their personal data.

fields
object

Parameters used for extended registration form. To use this feature, please contact your Customer Success Manager.

Responses
200

OK (Account confirmation is disabled)

204

No Content (Account confirmation is enabled)

400

Bad Request

404

Not Found

422

Unprocessable Entity

429

Too Many Requests

Request samples
application/json
{
  • "email": "john-email@email.com",
  • "fields": {
    },
  • "password": "password123",
  • "username": "John"
}
Response samples
application/json
{
  • "login_url": "string"
}
System statusAll services operational

Privacy Settings

Privacy PolicyEnd User License Agreement© 2006–2025 Xsolla Inc.