Connect user data storage

Depending on the method of storing user data, different product functionality is available to you.

If you want the Login product to process all authentication logic, connect the Xsolla storage. More flexible settings will be available to you.

The storage supports authentication based on the JWT standard and on the OAuth 2.0 protocol.

To connect the storage:

  1. Go to General settings.
  2. In the User data storage block, select Xsolla storage.

Note
  • The Xsolla storage is the storage method set by default every time you create a new Login project.
  • All user information is stored on Xsolla’s side.

If you want to use PlayFab functionality to work with users, connect the PlayFab storage. The storage saves the following user data:

  • username
  • user email address
  • user password
  • fields from an extended registration form if the form is set up

The storage supports authentication based on the JWT standard and on the OAuth 2.0 protocol.

To connect the storage:

  1. Go to General settings.
  2. In the User data storage block, select PlayFab.
  3. In the Title ID field, enter the value of the same field from your PlayFab account.

Note
This user data is also stored on Xsolla’s side, but passwords are validated by PlayFab only.

If you use your own authorization system and store user data on your application's side, connect the custom storage.

The storage supports authentication based on the JWT standard.

To set up the connection between the Xsolla Login server and your application as a client:

  1. Connect the custom storage.
  2. Set up the processing of requests from the Xsolla Login server.

Note
The user data is also stored on Xsolla’s side, but passwords are validated by the custom storage only.

Connect custom storage

  1. Go to General settings.
  2. In the User data storage block, select Custom storage.
  3. Enter the URLs that you want for sending API requests:
  4. Implement an API at the URLs you set that responds in the following way:
    • HTTP 200/HTTP 204 for successful requests. A JSON containing additional user data can be placed in the response body, if needed. Passed data is written to a JWT (partner_data parameter).
    • Other HTTP status codes for unsuccessful requests.

Note
  • If you want a JWT to contain the user ID from your database, contact your Account Manager.
  • For passwordless authentication via a phone number to work correctly, your API response must contain an account_id parameter that matches the user ID from the client.

Set up processing of requests from Xsolla Login server

Requests from the Xsolla Login server are sent to the URLs you specified in Publisher Account, with the Authorization: Bearer <JWT> header. The JWT is signed with the secret key of your project.

To process a request:

  1. Validate the received JWT.
  2. If the validation is successful, decode the JWT and make sure it includes the claims from the table below. Use a JWT library for decoding.

| Claim | Type | Description |
|---|---|---|
| exp | Unix Timestamp | The date and time of the JWT expiry. The JWT lifetime is 7 minutes. |
| iat | Unix Timestamp | The date and time the JWT is issued. |
| iss | string | The service that signed the JWT: https://login.xsolla.com. |
| request_type | string | Constant: gateway_request. |
| xsolla_login_project_id | string (UUID) | Your Login project ID in Publisher Account. |

Example of a token payload:

{
  "exp": 1573635020,
  "iat": 1573634600,
  "iss": "https://login.xsolla.com",
  "request_type": "gateway_request",
  "xsolla_login_project_id": "00000000-0000-0000-0000-000000000000"
}
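
One way to carry out the two processing steps above in a custom storage endpoint, as an added example that is not Xsolla's code. It assumes the JWT is signed with HS256 (the page says only that the project's secret key is used); `verify_gateway_request`, `make_token`, the 30-second leeway and any secret passed in are hypothetical names and constructed values.

```python
import base64, hashlib, hmac, json, time

ISSUER = "https://login.xsolla.com"   # "iss" value from the claims table
MAX_LIFETIME = 7 * 60                 # the page states a 7-minute JWT lifetime
LEEWAY = 30                           # assumed clock-skew allowance, in seconds

def _b64d(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def _b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _mac(secret, signing_input):
    return hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()

def make_token(claims, secret):
    """Build a constructed HS256 token that stands in for the Login server."""
    head = _b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64e(json.dumps(claims).encode())
    return f"{head}.{body}.{_b64e(_mac(secret, head + '.' + body))}"

def verify_gateway_request(auth_header, secret, project_id, now=None):
    """Return the claims of an authentic request, or raise ValueError."""
    now = time.time() if now is None else now
    scheme, _, token = auth_header.partition(" ")
    if scheme != "Bearer" or token.count(".") != 2:
        raise ValueError("malformed Authorization header")
    head, body, sig = token.split(".")
    header = json.loads(_b64d(head))
    # Pin the algorithm (HS256 is assumed): the token must never choose it.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected algorithm")
    # Step 1: check the signature before trusting anything in the payload.
    if not hmac.compare_digest(_mac(secret, head + "." + body), _b64d(sig)):
        raise ValueError("bad signature")
    claims = json.loads(_b64d(body))
    if not isinstance(claims, dict):
        raise ValueError("payload is not a JSON object")
    # Step 2: check every claim from the table.
    exp, iat = claims.get("exp"), claims.get("iat")
    if not isinstance(exp, int) or not isinstance(iat, int):
        raise ValueError("exp/iat missing or not Unix timestamps")
    if now >= exp + LEEWAY or iat > now + LEEWAY or exp - iat > MAX_LIFETIME:
        raise ValueError("token expired, not yet valid, or lifetime too long")
    if claims.get("iss") != ISSUER or claims.get("request_type") != "gateway_request":
        raise ValueError("unexpected iss or request_type")
    if claims.get("xsolla_login_project_id") != project_id:
        raise ValueError("token is for another Login project")
    return claims
```

Respond with a non-2xx status whenever the function raises, so that a request that fails validation is treated as unsuccessful.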


Last updated: June 9, 2021
