FAQs

Delete users or projects

How do I delete a Login project?

Contact your Customer Success Manager or email to csm@xsolla.com and specify the Login ID you want to delete. You can find the Login ID in Publisher Account.

How do I delete a user from a Login project via API?

  1. Follow the steps below to use the Login API:
    1. Open your project in your Publisher Account and go to the Login section.
    2. Click Configure in the pane of a Login project.
    3. Go to the Security block and select the OAuth 2.0 section.
    4. Click Add OAuth 2.0.
    5. Specify OAuth 2.0 redirect URIs.
    6. Check the Server (server-to-server connection) box.
    7. Click Connect.
    8. Copy and save the client ID and secret key.
    9. Generate a server token.
  2. Call the user deletion endpoint and pass the user and your Login project IDs with the Authorization: Bearer <server_token> header, where server_token is your server token.
Copy
Full screen
Small screen
DELETE https://login.xsolla.com/api/users/{login_user_id}?projectId={login_project_id}
X-SERVER-AUTHORIZATION: Bearer {server_token}

Authentication

How do I set up a specific authentication on the Login widget 2.0?

Yes. Follow the instructions below to set it up:
  1. Go to Publisher Account in your Login project > General settings > Authentication section.
  2. Set the switches you need to On.
This feature is not implemented for the previous version of the Login widget.

How do I connect my own application for social network authentication? Can I add a title and icon for my own application?

If authentication via social networks has already been connected, Xsolla’s application credentials are used by default.

Reconnect the social network in Publisher Account:

  1. Specify the credentials of your own application.
  2. Complete the suggested settings in the social network card.

Can I change the order of the social networks on the Login widget?

Yes, contact your Customer Success Manager or email to csm@xsolla.com and specify:
  • the Login ID from Publisher Account
  • the desired order of social networks
  • the way you want to display buttons of social networks
By default, the order of social networks is determined by their popularity in the user’s region.

How do I link a social network account to a user in a Login project?

The following are the ways of linking social network accounts to the user:
  • Automatic linking is executed if the user’s email address in the social network account matches the email address in the Login project.
  • Manual linking is executed using the Link social network to account call.
To get information about linked social network accounts, use the Get linked networks call.

How do I enable two-factor authentication in a Login project?

Contact your Customer Success Manager or email to csm@xsolla.com with a request to enable.

Does the Login have protection against brute-force attacks and other anomalies?

Yes, Login has rate limit, DDoS protection, and two-factor authentication.

If I use a custom user data storage, how can I pass specific error codes to the widget instead of the general "Service temporarily unavailable. Please try again later."?

You can pass the error code in the response to the user registration, authentication, password reset, or email address change request in the following format:
Copy
Full screen
Small screen
    {
       "error":{
          "Code":"003-001"
       }
    }
    

    Manage user password

    Can I set a new password for a user without sending a confirmation email?

    No, the password can’t be changed without sending a confirmation email.

    Can I declare a specific format for the password?

    Yes, contact your Customer Success Manager or email to csm@xsolla.com and specify the Login ID from Publisher Account and the desired password requirements. For example, minimum and maximum length, allowed characters, required uppercase letter and/or number.

    Configure emails

    Can I disable sending emails from Xsolla and send only my emails?

    No, but you can change the email’s design. Follow the Email customization instruction to set this up.

    Can I use my own SendGrid application to send emails?

    Yes, follow the instructions to do this. All Xsolla’s emails will also be sent through this service.

    How do I set the email address for the email’s sender?

    Use your own SendGrid application. Set up authentication for your domain in SendGrid, then follow the instructions.

    Other

    What Xsolla network IP addresses do I need to add to the allowlist to configure webhooks?

    You need to receive and process webhooks from the following IP addresses:

    • 185.30.20.0/24
    • 185.30.21.0/24
    • 185.30.23.0/24

    If you integrated the Login product, additionally add processing webhooks from the following IP addresses:

    • 35.236.32.131
    • 34.94.154.26
    • 34.94.14.95
    • 34.102.48.30
    • 34.94.115.185
    • 34.94.173.132
    • 35.236.35.100
    • 35.236.117.164
    • 34.94.0.85
    • 35.235.99.248
    • 34.94.25.33

    When making a request to the Login API from a browser, I get the error “Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource (Reason: CORS header "Access-Control-Allow-Origin" missing)”. How do I fix this?

    Go to Publisher Account in your Login project > General settings > URL section and add a domain from your own application to Allowed origins (CORS).

    I have set a Callback URL in my Login project. While testing the URL, it redirects me to https://login.xsolla.com/api/blank. How do I fix this?

    Callback URL is a URL address or a path a user is redirected to after successful authentication, email confirmation, or password reset.

    If you have specified more than one Callback URL in your Login project, the system will redirect all requests to the default URL. To set up redirection to the required URL, select your integration option and follow these instructions:

    • If you integrated Login via widget, select the required Callback URL in Publisher Account in your Login project > General settings > Widget code section and copy a new widget code.
    • If you integrated Login via API calls, for any request to the Login API, pass the required Callback URL as the value of the login_url parameter.

    Is Login GDPR compliant?

    Yes, Login complies with the requirements of the GDPR, CCPA and other regional regulations.

    Can I use Login in a mobile application?

    Yes, to set up Login, use these instructions for the following SDKs:
    Was this article helpful?
    Thank you!
    Is there anything we can improve? Message
    We’re sorry to hear that
    Please explain why this article wasn’t helpful to you. Message
    Thank you for your feedback!
    We’ll review your message and use it to help us improve your experience.
    Last updated: December 20, 2024

    Found a typo or other text error? Select the text and press Ctrl+Enter.

    Contents
    Report a problem
    We always review our content. Your feedback helps us improve it.
    Provide an email so we can follow up
    Thank you for your feedback!