How to set up a shadow Login project

  1. Create a shadow Login project if it has not already been created (see Integration Guide, steps 1–5).
  2. Set up your shadow Login project in Publisher Account.
  3. Integrate the solution on the side of your application.

Setting up in Publisher Account

  1. Open your project in Publisher Account and go to the Login section.
  2. Click Configure in the panel of a shadow Login project.
  3. Go to the Authentication block and select the Publishing platforms section.
  1. To connect a publishing platform, click the ⚙ icon next to its name and select Settings.
Note
Currently, integration with the Steam, Xbox Live and Epic Games platforms is supported. If you need support for the Stone or Mail.ru platforms, contact your Customer Success Manager or email to csm@xsolla.com.
  1. In the modal window, specify the parameters for the selected platform:
    • Steam:
      • Application ID — AppID of your account on the platform;
      • Application secret keyWeb API Key.
    • Epic Games:
      • Application ID — Client ID of the client of your game on the platform;
      • Application secret key — Secret key of the client of your game on the platform.
    • Xbox Live:
      • Application ID — Application ID/Client ID of your game on the platform;
      • Application secret key — Application Secret generated when your game was registered on the platform.
Note
For the Xbox Live platform, it is not necessary to provide setting values. You can connect Xbox Live with access keys owned by Xsolla. To do this, click the ⚙ icon to the right of the platform name and select Connect.
  1. Click Connect.
  2. Go to the Callback URLs tab and specify the following parameters:
    • Callback URL — the URL or path in the application to which users are redirected after they have successfully authenticated, confirmed their email, or reset their password. You can specify multiple valid URLs.
    • Error callback URL — the URL or path in the application to which users are redirected in case of an authentication error. If no value is specified, the Callback URL value will be used.
  1. Click Save changes.
Note
In addition to the basic settings, you can also configure additional parameters for your shadow Login project. This can be done at the same time as the basic setup or later. You can find additional settings on the Login project page in the Security, Communication providers, Customization, and Legal settings blocks.

Application side integration

Use the instruction for the publishing platform that hosts your application:

Steam

Form a session ticket (session_ticket parameter) based on the platform data after user authentication:
  1. Get the session ticket.
  2. Pass it to the silent authentication request (JWT or OAuth 2.0) as a session_ticket parameter.

Xbox Live

  1. Form a session ticket (session_ticket parameter) based on the platform data after user authentication. The parameter is formed based on the <xid>-<uhs>;<XSTSToken> template where:
    • <xid> — Xbox User ID;
    • <uhs> — user hash;
    • <XSTSToken> — Xbox Secure Token Service.
  2. Pass the session_ticket parameter to the silent authentication request (JWT or OAuth 2.0).

Epic Games

  1. Get the exchangecode authorization code from the platform, which is generated after user authentication.
  2. Pass the received exchangecode to the silent authentication request (JWT or OAuth 2.0) as the session_ticket parameter.
Was this article helpful?
Thank you!
Is there anything we can improve? Message
We’re sorry to hear that
Please explain why this article wasn’t helpful to you. Message
Thank you for your feedback!
We’ll review your message and use it to help us improve your experience.
Last updated: September 18, 2024

Found a typo or other text error? Select the text and press Ctrl+Enter.

Report a problem
We always review our content. Your feedback helps us improve it.
Provide an email so we can follow up
Thank you for your feedback!