Set up selling items
There are two Xsolla solutions for monetizing games — Buy Button (sell items on a game’s website) and In-Game Store (sell items in the game).
Buy Button gives you an opportunity to sell the following items for real or virtual currency:
- game keys
- virtual items
- virtual currency
- physical goods
In-Game Store gives you an opportunity to sell the following items for real or virtual currency:
- in-game currency and currency packages
- consumable items
- nonconsumable items
- time-limited items
You can sell items to unauthorized and authenticated users.
Set up selling items for unauthorized users
When making a purchase, users are limited by the following conditions:
- Unauthorized users can’t use the entitlement system.
- Payment methods and Xsolla balance are not available in Xsolla Pay Station.
| Goods | Selling method |
|---|---|
| One copy of a game (game key). | Use direct link or widget. |
| Several copies of the game (game keys) or several games in a cart. | Pass the unique user ID and email address. The email address and other additional data (a username and country code per ISO 3166-1 alpha-2) have the Base64 encoding and are passed in the title for the x-user parameter when calling the method for getting a payment token. |
| One item. | Use fast purchase calls of one item. |
| Several items in a cart. | Pass the unique user ID. The unique user ID is used in the title as a number or line when calling the In-Game Store & Buy Button API methods (x-unauthorized-id parameter). The identifier is generated on the front-end side, for example via the identifier generation library. |
Set up selling items for authenticated users
To manage the users’ access to your application and features of Xsolla products, set up an authentication system. For this, you can use Xsolla Login or implement your own authentication system.
If you have implemented your own authentication system and need only the payment UI, generate a Pay Station access token and set up webhooks on your server.
You can use Xsolla Login for your in-game store, if you don’t have your own servers or you want to use the existing solution. The following features are performed on the Xsolla side:
- store and manage a catalog
- manage prices
- store data on regional prices
- authenticate users
- process transactions
Authentication via Xsolla login
Xsolla Login supports the OAuth 2.0 standard protocol for user registration and authentication. The standard OAuth 2.0 protocol helps to simplify the development of the client-side application. OAuth 2.0 lets you update the access token without involving the user.
The data on authorized users can be stored:
- In the Xsolla storage. See Get started for Xsolla Login to set it up.
- In the PlayFab database. Use the how-to for the PlayFab storage to set it up.
- In a custom storage. Use the how-to for a custom storage to set it up.
Authentication via Pay Station access token
The flow of interaction between your client and the Xsolla server:
- Your client sends an authentication request to your server.
- Your server requests an authorization token and sends a header that contains
project_id/merchant_idandapi_keyparameters to the Xsolla server. - Xsolla server returns the Pay Station access token.
- Your server passes the Pay Station access token to your client.
- The returned Pay Station access token is used as an authorization token for authentication in the In-Game Store and Buy Button API and building a store interface.
Get Pay Station access token
On the back-end of your application, implement a method to get a Pay Station access token using an HTTP POST request.
The Xsolla API uses basic HTTP authentication. The request must contain the Authorization:Basic <your_authorization_basic_key> header where <your_authorization_basic_key> is the merchant_id:api_key encoded according to the Base64 standard. You can find the parameter values in Publisher Account:
- For
merchant_id, go to the Project settings > Webhooks > Merchant ID section. - For
api_key, go to the Company settings > API key section.
HTTP request:
POST https://api.xsolla.com/merchant/v2/merchants/{merchant_id}/token
To get the token, pass the following parameters in the request body:
| Parameter | Type | Description |
|---|---|---|
settings | object | Custom project settings (object). |
settings.project_id | integer | Game’s Xsolla ID. Can be found in Publisher Account beside the name of your project. Required. |
user | object | User details (object). |
user.id | object | User ID in your authorization system (object). |
user.id.value | string | User ID. Required. |
user.email | object | User email (object). |
user.email.value | string | User email. Must be valid according to the RFC 822 protocol. Required. |
user.name | object | User screen name (object). Required. |
user.name.value | string | User screen name |
user.steam_id | object | User Steam ID (object). |
user.steam_id.value | string | User Steam ID. Required if the application is published on Steam. |
user.playfab_id | object | User PlayFab ID (object) |
user.playfab_id.value | string | User PlayFab ID. Required if the application uses PlayFab services to grant items. |
See examples of requests and responses in the API reference.
custom_parameters, purchase, etc.), they are not intended to receive an authorization token.The lifetime of the Pay Station access token when working with the in-game store and inventory is 1 hour after the last call to the Xsolla API. To change the lifetime of the Pay Station access token, contact your Account Manager.
Implement the logic of receiving a new Pay Station access token after its expiration. It is recommended that you get a new token in the background mode, so the user doesn’t have to log in to the application again.
Found a typo or other text error? Select the text and press Ctrl+Enter.
