OAuth 2.0: Connecting
How it works
Xsolla Login supports OAuth 2.0 protocol-based user authentication. Detailed info on the OAuth 2.0 protocol is available on its official website. Use the Xsolla Login API methods to work with the OAuth 2.0 protocol.
Who can use it
Partners who integrated Xsolla Login and use the Xsolla or PlayFab databases.
How to get it
Connecting OAuth 2.0 client
- Go to Publisher Account in your Login project > General settings > Authorization > OAuth 2.0 authentication section.
- Click Connect.
- Specify in the opened window:
- Client name.
- OAuth 2.0 redirect URIs. Parameter redirect_uri for the Login API methods.
- Authentication type: public or confidential.
- The confidential client requires the use of the client ID and secret key when calling the Generate JWT method to get and update the access token.
- The public client only requires the use of client ID.
- The method JWT auth by username and password is only available for the public client.
- Click Connect.
When working with Login API, you can also use the
- offline for updating the user JWT. Passing scope=offline to the registration or authentication method is required.
- email for the additional user email request when authenticating the user via a social network. Set this value if you have integrated the product Login via the previous version of the Login widget. See the Collecting emails during social authentication instruction.
Updating project integration
The flow for updating project settings depends on the Login integration type:
Updating integration via the Login widget
- If you integrate Login via the widget:
- For widget 2.0: add the client_id, response_type, state, and redirect_uri parameters to the initialization code. You can also add the scope parameter. Specify the HTTP/HTTPS scheme in the redirect_uri parameter, as in https://example.com.
Example:
- html
<script>
  const xl = new XsollaLogin.Widget({
    projectId: 'LOGIN_PROJECT_ID',
    preferredLocale: 'en_US',
    clientId: 'CLIENT_ID',
    responseType: 'code',
    state: 'CUSTOM_STATE',
    redirectUri: 'REDIRECT_URI'
  });
</script>
- For the previous version of the widget: add the redirect_uri and client_id parameters to the initialization code. Specify the HTTP/HTTPS scheme in the redirect_uri parameter.
Example:
- html
<script type="text/javascript">
  XL.init({
    projectId: 'LOGIN_PROJECT_ID',
    callbackUrl: 'CALLBACK_URL',
    locale: 'en_US',
    redirectUri: 'REDIRECT_URI',
    clientId: 'CLIENT_ID'
  });
</script>
- Use the Generate JWT method after successful user authentication to get a JWT. The code parameter required for getting the JWT is passed to redirect_uri after user authentication or registration.
Example:
- http
POST /api/oauth2/token HTTP/1.1
Host: login.xsolla.com
Content-Type: application/x-www-form-urlencoded

client_id=11&client_secret=vGbXcsQ0CEW233m2qldYkd5IxbnRKoWt2YiBOgHYJGRGQwtIAdtxgxT64ik&code=ldYkd5IxbnRKoWt2YiBOgHYJGRGQwtIAdtxgxT64ik&grant_type=authorization_code&redirect_uri=https://my-website.com/callback
Updating integration via Xsolla Login API
Use the API methods for the OAuth 2.0 protocol listed below to authenticate users. If you have already integrated methods for the JWT protocol, replace them with calls to the OAuth 2.0 methods.
Registration
Use the Register a new user method to add a new user.
Example:
- http
POST /api/oauth2/user?response_type=code&client_id=11&scope=offline&state=rr21112rrr&redirect_uri=https://my-website.com/callback HTTP/1.1
Host: login.xsolla.com
Content-Type: application/json

{
  "username": "John",
  "password": "password123",
  "email": "john@gmail.com"
}
Authenticating via a username and password
Use the Auth by username and password method to get the code parameter.
Example:
- http
POST /api/oauth2/login?response_type=code&client_id=11&scope=offline&state=rr21112rrr&redirect_uri=https://my-website.com/callback HTTP/1.1
Host: login.xsolla.com
Content-Type: application/json

{
  "username": "John",
  "password": "password123"
}
Exchange code for a JWT using the method for getting the JWT.
Authenticating via social networks
Use the Auth via social network method to get the code parameter.
Example:
- http
GET /api/oauth2/social/google/login_redirect?response_type=code&client_id=11&scope=offline&state=rr21112rrr&redirect_uri=https://my-website.com/callback HTTP/1.1
Host: login.xsolla.com
Exchange code for a JWT using the method for getting the JWT.
Getting JWT
Use the Generate JWT method with the grant_type=authorization_code parameter to get the user JWT. The code parameter required for getting the JWT is passed to redirect_uri after user authentication or registration.
Example:
- http
POST /api/oauth2/token HTTP/1.1
Host: login.xsolla.com
Content-Type: application/x-www-form-urlencoded

client_id=11&client_secret=vGbXcsQ0CEW233m2qldYkd5IxbnRKoWt2YiBOgHYJGRGQwtIAdtxgxT64ik&code=ldYkd5IxbnRKoWt2YiBOgHYJGRGQwtIAdtxgxT64ik&grant_type=authorization_code&redirect_uri=https://my-website.com/callback
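The callback handling behind the widget flow and the Getting JWT step above, as an added example that is not Xsolla's code: it checks the state returned to redirect_uri before building the Generate JWT request, and sends client_secret only for a confidential client. The function names and the CLIENT_SECRET placeholder are assumptions, and it assumes state is echoed back on the callback as OAuth 2.0 specifies.

```javascript
// Added example (not from the Xsolla docs): server-side handling of the
// redirect_uri callback. Function names are hypothetical.
const crypto = require('node:crypto');

// client_id and redirect_uri follow the page's examples; the secret is a placeholder.
const CLIENT = {
  id: '11',
  secret: 'CLIENT_SECRET', // confidential client only; never ship it to a browser or game client
  redirectUri: 'https://my-website.com/callback',
  confidential: true,
};

// Unguessable value to send as `state` and store in the user's session.
function newState() {
  return crypto.randomBytes(16).toString('hex');
}

// Constant-time comparison of the stored state with the one on the callback.
function stateMatches(expected, received) {
  const a = Buffer.from(String(expected));
  const b = Buffer.from(String(received ?? ''));
  return a.length === b.length && crypto.timingSafeEqual(a, b);
}

// Validate the callback URL, then build the body for POST /api/oauth2/token.
function buildTokenRequest(callbackUrl, sessionState, client = CLIENT) {
  const url = new URL(callbackUrl);
  if (url.origin + url.pathname !== client.redirectUri) {
    throw new Error('unexpected redirect target');
  }
  if (!stateMatches(sessionState, url.searchParams.get('state'))) {
    throw new Error('state mismatch'); // reject: the code was not issued for this session
  }
  const code = url.searchParams.get('code');
  if (!code) throw new Error('missing code');

  const body = new URLSearchParams({
    grant_type: 'authorization_code',
    client_id: client.id,
    code,
    redirect_uri: client.redirectUri, // same value that was sent when the code was requested
  });
  // Only the confidential client authenticates with the secret key.
  if (client.confidential) body.set('client_secret', client.secret);
  return { url: 'https://login.xsolla.com/api/oauth2/token', body: body.toString() };
}
```

Send the returned body with Content-Type: application/x-www-form-urlencoded, and discard the stored state after one use.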
Updating integration via the Login SDK
Login SDK supports the OAuth 2.0 protocol-based authentication. For setting up the OAuth 2.0 client, choose the game engine and follow the instructions: