FAQs
Delete users or projects
How do I delete a Login project?
Contact your Customer Success Manager or email to csm@xsolla.com and specify the Login ID you want to delete. You can find the Login ID in Publisher Account.How do I delete a user from a Login project via API?
- Follow the steps below to use the Login API:
- Open your project in your Publisher Account and go to the Login section.
- Click Configure in the pane of a Login project.
- Go to the Security block and select the OAuth 2.0 section.
- Click Add OAuth 2.0.
- Specify OAuth 2.0 redirect URIs.
- Check the
Server (server-to-server connection)
box. - Click Connect.
- Copy and save the client ID and secret key.
- Generate a server token.
- Call the user deletion endpoint and pass the user and your Login project IDs with the
Authorization: Bearer <server_token>
header, whereserver_token
is your server token.
- curl
DELETE https://login.xsolla.com/api/users/{login_user_id}?projectId={login_project_id}
X-SERVER-AUTHORIZATION: Bearer {server_token}
Authentication
How do I set up a specific authentication on the Login widget 2.0?
Yes. Follow the instructions below to set it up:- Go to Publisher Account in your Login project > General settings > Authentication section.
- Set the switches you need to On.
How do I connect my own application for social network authentication? Can I add a title and icon for my own application?
If authentication via social networks has already been connected, Xsolla’s application credentials are used by default.
Reconnect the social network in Publisher Account:
- Specify the credentials of your own application.
- Complete the suggested settings in the social network card.
Can I change the order of the social networks on the Login widget?
Yes, contact your Customer Success Manager or email to csm@xsolla.com and specify:- the Login ID from Publisher Account
- the desired order of social networks
- the way you want to display buttons of social networks
How do I link a social network account to a user in a Login project?
The following are the ways of linking social network accounts to the user:- Automatic linking is executed if the user’s email address in the social network account matches the email address in the Login project.
- Manual linking is executed using the
Link social network to account call.
How do I enable two-factor authentication in a Login project?
Contact your Customer Success Manager or email to csm@xsolla.com with a request to enable.Does the Login have protection against brute-force attacks and other anomalies?
Yes, Login has rate limit, DDoS protection, and two-factor authentication.If I use a custom user data storage, how can I pass specific error codes to the widget instead of the general "Service temporarily unavailable. Please try again later."?
You can pass the error code in the response to the user registration, authentication, password reset, or email address change request in the following format:{
"error":{
"Code":"003-001"
}
}
Manage user password
Can I set a new password for a user without sending a confirmation email?
No, the password can’t be changed without sending a confirmation email.Can I declare a specific format for the password?
Yes, contact your Customer Success Manager or email to csm@xsolla.com and specify the Login ID from Publisher Account and the desired password requirements. For example, minimum and maximum length, allowed characters, required uppercase letter and/or number.Configure emails
Can I disable sending emails from Xsolla and send only my emails?
No, but you can change the email’s design. Follow the Email customization instruction to set this up.Can I use my own SendGrid application to send emails?
Yes, follow the instructions to do this. All Xsolla’s emails will also be sent through this service.How do I set the email address for the email’s sender?
Use your own SendGrid application. Set up authentication for your domain in SendGrid, then follow the instructions.Other
What Xsolla network IP addresses do I need to add to the allowlist to configure webhooks?
You need to receive and process webhooks from the following IP addresses:
185.30.20.0/24
185.30.21.0/24
185.30.23.0/24
If you integrated the Login product, additionally add processing webhooks from the following IP addresses:
35.236.32.131
34.94.154.26
34.94.14.95
34.102.48.30
34.94.115.185
34.94.173.132
35.236.35.100
35.236.117.164
34.94.0.85
35.235.99.248
34.94.25.33
When making a request to the Login API from a browser, I get the error “Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource (Reason: CORS header "Access-Control-Allow-Origin" missing)” . How do I fix this?
Go to Publisher Account in your Login project > General settings > URL section and add a domain from your own application to Allowed origins (CORS).I have set a Callback URL in my Login project. While testing the URL, it redirects me to https://login.xsolla.com/api/blank . How do I fix this?
Callback URL is a URL address or a path a user is redirected to after successful authentication, email confirmation, or password reset.
If you have specified more than one Callback URL in your Login project, the system will redirect all requests to the default URL. To set up redirection to the required URL, select your integration option and follow these instructions:
- If you integrated Login via widget, select the required Callback URL in Publisher Account in your Login project > General settings > Widget code section and copy a new widget code.
- If you integrated Login via API calls, for any request to the Login API, pass the required Callback URL as the value of the
login_url
parameter.
Is Login GDPR compliant?
Yes, Login complies with the requirements of the GDPR, CCPA and other regional regulations.Can I use Login in a mobile application?
Yes, to set up Login, use these instructions for the following SDKs:Found a typo or other text error? Select the text and press Ctrl+Enter.