OAuth 2.0: Connecting

How It Works

Xsolla Login supports user authentication based on the OAuth 2.0 protocol. Detailed information on the protocol is available on its official website. Use the Xsolla Login API methods to work with OAuth 2.0.

Who Can Use It

Partners who have integrated Xsolla Login and use the Xsolla or PlayFab databases.

How to Get It

  1. Connect the OAuth 2.0 client.
  2. Update your project integration.

Connecting OAuth 2.0 Client

  1. Go to Publisher Account in your Login project > General settings > Authorization > OAuth 2.0 authentication section.
  2. Click Connect.
  3. In the window that opens, specify:
    1. Client name.
    2. OAuth 2.0 redirect URIs. These are the values of the redirect_uri parameter for the Login API methods.
    3. Authentication type: public or confidential.

Info: For details on the client types, see The OAuth 2.0 Authorization Framework. When working with Login API:
  • The confidential client requires the use of the client ID and secret key when calling the Generate JWT method to get and update the access token.
  • The public client only requires the use of client ID.
  • The method JWT Auth by Username and Password is only available for the public client.

  4. Click Connect.

Note: After you connect the OAuth 2.0 client, a window opens that shows the client ID and secret key (the client_id and client_secret parameters for the Login API methods, respectively). Use these values when updating your project integration.

When working with Login API, you can also use the scope parameter. Possible parameter values:

  • offline: used for updating the user JWT. You must pass scope=offline to the registration or authentication method.
  • email: additionally requests the user's email when the user authenticates via a social network. Set this value if you integrated Login via the previous version of the Login widget. See the Collecting emails during social authentication recipe.

Updating Project Integration

The flow for updating project settings depends on the Login integration type:

Updating Integration via the Login Widget

  1. If you integrate Login via the widget:
    • For widget 2.0: add the client_id, response_type, state, and redirect_uri parameters to the initialization code. You can also add the scope parameter. Specify the HTTP/HTTPS scheme in the redirect_uri parameter, as in https://example.com.

Example:

<script>
const xl = new XsollaLogin.Widget({
  projectId: '[Login ID]',
  preferredLocale: 'en_US',
  clientId: '[client_id]',
  responseType: 'code',
  state: '[custom_state]',
  redirectUri: '[redirect_uri]'
});
</script>

    • For the previous version of the widget: add the redirect_uri and client_id parameters to the initialization code. Specify the HTTP/HTTPS scheme in the redirect_uri parameter.

Example:

<script type="text/javascript">
XL.init({
  projectId: '[Login ID]',
  callbackUrl: '[callbackUrl]',
  locale: 'en_US',
  redirectUri: '[redirect_uri]',
  clientId: '[client_id]'
});
</script>

  2. Use the Generate JWT method after successful user authentication to get a JWT. The code parameter required for getting the JWT is passed to redirect_uri after user authentication or registration.

Example:

POST https://login.xsolla.com/api/oauth2/token

Headers:
Content-Type: application/x-www-form-urlencoded

Body:
client_id=11&client_secret=vGbXcsQ0CEW233m2qldYkd5IxbnRKoWt2YiBOgHYJGRGQwtIAdtxgxT64ik&code=ldYkd5IxbnRKoWt2YiBOgHYJGRGQwtIAdtxgxT64ik&grant_type=authorization_code&redirect_uri=https://my-website.com/callback

Updating Integration via Xsolla Login API

Use the API methods for the OAuth 2.0 protocol listed below to authenticate users. If you have already integrated methods for the JWT protocol, replace them with calls to the OAuth 2.0 methods.

Registration

Use the Register a New User method to add a new user.

Example:

POST https://login.xsolla.com/api/oauth2/user?response_type=code&client_id=11&scope=offline&state=rr21112rrr&redirect_uri=https://my-website.com/callback

Headers:
  Content-Type: application/json

Body:
{
  "username": "John",
  "password": "password123",
  "email": "john@gmail.com"
}

Authenticating via a Username and Password

Use the Auth by Username and Password method to get the code parameter.

Example:

POST https://login.xsolla.com/api/oauth2/login?response_type=code&client_id=11&scope=offline&state=rr21112rrr&redirect_uri=https://my-website.com/callback

Headers:
  Content-Type: application/json

Body:
{
  "username": "John",
  "password": "password123"
}

Exchange the code for a JWT using the method for getting the JWT.

Authenticating via Social Networks

Use the Auth via Social Network method to get the code parameter.

Example:

GET https://login.xsolla.com/api/oauth2/social/google/login_redirect?response_type=code&client_id=11&scope=offline&state=rr21112rrr&redirect_uri=https://my-website.com/callback

Exchange the code for a JWT using the method for getting the JWT.

Getting JWT

Use the Generate JWT method with the grant_type=authorization_code parameter to get the user JWT. The code parameter required for getting the JWT is passed to redirect_uri after user authentication or registration.

Example:

POST https://login.xsolla.com/api/oauth2/token

Headers:
Content-Type: application/x-www-form-urlencoded

Body:
client_id=11&client_secret=vGbXcsQ0CEW233m2qldYkd5IxbnRKoWt2YiBOgHYJGRGQwtIAdtxgxT64ik&code=ldYkd5IxbnRKoWt2YiBOgHYJGRGQwtIAdtxgxT64ik&grant_type=authorization_code&redirect_uri=https://my-website.com/callback

Updating Integration via the Login SDK

The Login SDK supports authentication based on the OAuth 2.0 protocol. To set up the OAuth 2.0 client, choose the game engine and follow the instructions: