Home Page
Solutions
Web Shop
Overview Enable Buy Button via link-outs to Web Shop Integration flow Demo walkthrough
Catalog and items
Create Web Shop
Promotions
Test and publish Web Shop
Analytics
Payments
Overview Accept in-app payments on iOS via Xsolla Pay Station Integration scenarios
Generation of payment token on client side
Generation of payment token on server side
Testing
Catalog configuration
Customization
Promotions
Payment UI management
Anti-fraud
Sell game keys
Overview Integration flow
Prerequisites
Catalog
Create site
Set up authentication
Set up selling game keys
Promotions and other features
Publishing platform
Cloud Gaming
Digital Distribution Hub
Products
Pay Station
Shop Builder
Overview
Integration guide
Features
How-tos
Extensions
References
Tutorials
Subscriptions
Site Builder
Partner Network
Login
Overview API reference FAQs
Integration guide
Authentication options
User data storage
Security
Customization
Communication service providers
Features
How-tos
Extensions
Legal settings
References
Metaframe
Overview
Integration guide
Setting up custom sections
Setting up Wallet
Setting up Backpack
Setting up mobile version
Launcher
Overview
Integration guide
Features
How-tos
Extensions
References
Chat
Xsolla Partner Ecosystem FAQs
API references
Getting started Pay Station API Login API Shop Builder API Webhooks Subscriptions API DDH API
SDKs & libraries
Xsolla Mobile SDK
Headless checkout
SDK for Unity (PC, web)
Overview SDK reference documentation
Integration guide
BaaS integrations
Demo project
Authentication
Catalog
Subscriptions
Promotions
Item purchase
Player inventory
User account and attributes
Application build guides
Troubleshooting
How to migrate to SDK version 1.0.0 and higher How to migrate to SDK version 2.0.0 and higher
SDK for Unreal Engine
Overview SDK reference documentation
Integration guide
BaaS integrations
Demo project
Authentication
Catalog
Subscriptions
Promotions
Item purchase
Player inventory
User account and attributes
Application build guides
How to modify SDK
SDK for Cocos Creator
Overview
Integration guide
Demo project
Authentication
Catalog
Promotions
Subscriptions
Item purchase
Player inventory
User account and attributes
Troubleshooting
How to connect native Xsolla SDK for Android to your project How to connect native Xsolla SDK for iOS to your project
Extensions for BaaS
PHP

Single Sign-on

How it works

If you have several connected services with a common single account for user authentication, you can use Single Sign-on. The game website works as a service. It will allow a user to enter their credentials only once. After that, when opening one of the connected services, the user will already be authenticated.

Interaction flow

  1. Unauthenticated user opens one of the services.
  2. Your client sends the Check user authentication request to the Xsolla Login server and gets error 401.
  3. Your client opens the authentication form (Login Widget or your login UI) for the user.
  4. The user authenticates via a username and password or via a social network.

  1. Your client authenticates the user in your Login project:
    • The following requests are used when integrating Login via API calls:
    • The OAuth 2.0 protocol is used when integrating Login via the Widget.
    The user session data is saved on the Xsolla Login server. The server sends login_uri that contains redirect_uri with code in the query-parameter.

  1. Your client redirects the user to redirect_uri.
  2. Your server sends the Generate JWT request to exchange the received code for a JWT. The user is authenticated on the service.
  3. The user opens another service.
  4. Your client sends the Check user authentication request to the Xsolla Login server and receives login_uri that contains redirect_uri with code in the query-parameter.
  5. Your server sends the Generate JWT request to exchange the received code for a JWT. The user is authenticated on the second service.

Differentiating access rights for different services

To differentiate user account access rights for different services, you can use special values of the scope parameter (e.g. scope=playfab) in different OAuth 2.0 clients.

Who can use it

Partners who have already integrated Login and use Xsolla, Firebase, or PlayFab database.

How to get it

To connect Single Sign-on:

  1. Connect the OAuth 2.0 protocol.
  2. Implement the getting user session request callback.

Connecting OAuth 2.0 protocol

Follow the instruction to connect the OAuth 2.0 protocol. You can use one OAuth 2.0 client for all services or create a separate OAuth 2.0 client for every service.

Calling request for getting user session

Implement the Check user authentication request callback when opening your service. The request should be executed before opening the authentication form for the user. For authentication, use the OAuth 2.0 client parameters of the exact service the user wants to authenticate in.

Example of the request:

Copy
Full screen
Small screen

http

  • http
  • curl
1GET https://login.xsolla.com/api/oauth2/sso?client_id=<client_id>&redirect_uri=<redirect_uri>&scope=<scope>&state=<state>&response_type=code HTTP/1.1

1curl --request GET \
2  --url 'https://login.xsolla.com/api/oauth2/sso?redirect_uri=redirect_uri&response_type=code&state=state&scope=scope&client_id=client_id'

Example of the response when the user is authenticated:

Copy
Full screen
Small screen
  • http
1HTTP/1.1 200 OK
2Content-Type: application/json
3
4{
5  "login_url": "<redirect_uri>?code=<code>"
6}

To get a user JWT:

  1. Your client implements and uses the request that redirects the user to the received redirect_uri.
  2. Your server sends the Generate JWT request with received code and grant_type=authorization_code for getting a JWT.

Example of the response when the user is not authenticated:

Copy
Full screen
Small screen
  • http
1HTTP/1.1 401 Unauthorized
2Content-Type: application/json
3
4{
5  "error": {
6    "code": "003-040",
7    "description": "User is unauthorized."
8  }
9}
Was this article helpful?
Thank you!
Is there anything we can improve? Message
We’re sorry to hear that
Please explain why this article wasn’t helpful to you. Message
Thank you for your feedback!
We’ll review your message and use it to help us improve your experience.
Last updated: July 31, 2024

Found a typo or other text error? Select the text and press Ctrl+Enter.

System status
All services operational
Partial outage
© 2006–2025 Xsolla Inc.
Report a problem
We always review our content. Your feedback helps us improve it.
Provide an email so we can follow up
Thank you for your feedback!
We couldn't send your feedback
Try again later or contact us at doc_feedback@xsolla.com.