Login API supports the following token types:

Getting a user token

To get the token, send one of the following requests:

After JWT authentication, the user is redirected to the Callback URL with a token in a query-parameter: <Callback URL>?token=<User token (JWT)>.

After OAuth 2.0 protocol-based authentication, send the Generate JWT request to the Xsolla Login server to exchange the received code parameter for a user token (access_token).

Getting a server token

Using a server token requires an OAuth 2.0 client for server authentication. We don’t have settings for this type of OAuth 2.0 clients in Publisher Account. Сontact your Account Manager to create a client.

To get a token, send a Generate JWT request with the grant_type=client_credentials parameter.