How it works
Silent authentication allows you to automatically authenticate users in your game via a publishing platform. The Steam, Xbox Live, and Epic Games platforms are currently supported. If you need support for the Stone or Mail.ru platforms, contact your Account Manager.
- User launches your game.
- The game receives platform authorization data through the platform SDK.
- Your game generates and sends a request to the Xsolla Login server to get a JWT.
- The Xsolla Login server authenticates the user and sends the JWT.
With silent authentication, you can also collect user email addresses as you would with the authentication via social networks. To configure this, use the Collecting email addresses and phone numbers instructions.
Who can use it
Partners who have already integrated Login and have a publishing platform account.
How to get it
- Set up silent authentication in Publisher Account.
- Complete integration steps on the side of your application.
Setting up silent authentication
In the Login product, two approaches to enabling silent authentication are implemented:
- by configuring the classic login option (see instructions below);
- by creating a shadow Login project (see How to set up a shadow Login project).
To enable silent authentication in the classic login option:
- Open your project in Publisher Account and go to the Login section.
- Click Configure in the panel of a classic login option.
- On the navigation page, go to the Authentication block and select the Publishing platforms section.
- To connect a publishing platform, click the ⚙ icon next to its name and select Settings.
- In the modal window, specify the parameters for the selected platform:
- Application ID — AppID of your account on the platform;
- Application secret key — Web API Key.
- Epic Games:
- Application ID — Client ID of the client of your game on the platform;
- Application secret key — Secret key of the client of your game on the platform.
- Xbox Live:
- Application ID — Application ID/Client ID of your game on the platform;
- Application secret key — Application Secret generated when your game was registered on the platform.
- Click Connect.
- Repeat steps 4 – 6 for other publishing platforms, if required.
Application side integration
Use the instruction for the publishing platform that hosts your application:
Form a session ticket (
session_ticket parameter) based on the platform data after user authentication:
- Get the session ticket.
- Pass it to the silent authentication request (JWT or OAuth 2.0) as a
- Form a session ticket (
session_ticketparameter) based on the platform data after user authentication. The parameter is formed based on the
<xid>— Xbox User ID
<uhs>— user hash
<XSTSToken>— Xbox Secure Token Service
- Pass the
session_ticketparameter to the silent authentication request (JWT or OAuth 2.0).
- Get the
exchangecodeauthorization code from the platform, which is generated after user authentication.
- Pass the received
exchangecodeto the silent authentication request (JWT or OAuth 2.0) as the
Was this article helpful?
Rate this page
Don’t want to answer
Thank you for your feedback!
Found a typo or other text error? Select the text and press Ctrl+Enter.