Storing User Data in Your Own Storage

How It Works

API methods will be calling different URLs depending on the selected storage method. You can store user data at Xsolla’s side, which is the default option, or in your own storage.

The latter option lets you manage your user database.

Who Can Use It

Partners who have already integrated Login.

How to Get It

If user data is stored at your side, you need to receive requests from https://login.xsolla.com/.

In your Publisher Account, go to General settings and choose Custom storage as the user database storage.

  1. Add the URL to send requests to and request payloads corresponding to the additional API methods.
  2. Test the links.

Additional API Methods

Login via Username/Password

  • Type: POST
  • Content-type: application/json
  • Request body: {“username”:“ХХХХ”, “password”:“ХХХХ”}
  • Response if success: HTTP 200, HTTP 204
  • Parameter: User verification URL

Sign up

  • Type: POST
  • Content-type: application/json
  • Request body: {“username”:“ХХХХ”, “password”:“ХХХХ”, “email”:“ХХХХ”}
  • Response if success: HTTP 200, HTTP 204
  • Parameter: New user URL

Change Password

  • Type: POST
  • Content-type: application/json
  • Request body: {“email”:“ХХХХ”}
  • Response if success: HTTP 200, HTTP 204
  • Parameter: Password change URL

Change Email

  • Type: POST
  • Content-type: application/json
  • Request body: {“token”:“XXXX”}
  • Response if success: HTTP 200, HTTP 204
  • Parameter: Email change URL

Authentication Results

You must enable the handling of different requests depending on the authentication results.

Successful Authentication

If the authentication succeeds, Login will redirect the user to the Callback URL.

HTTP REQUEST

GET https://<callbackUrl>?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ

Parameter Type Description
token string JWT (JSON Web Token). You can decrypt it using the secret key.

Decrypted Token Example

{
  "exp": 1471071785,
  "iss": "https://login.xsolla.com",
  "iat": 1470985385,
  "id": "11111111",
  "name": "John Carter",
  "email": "john@example.com",
  "type": "social",
  "provider": "social_network",
  "xsolla_login_access_key": "s4dGNSPKinUxkSRI8rhPhZRElHj2yusqEeqgLIgn"
}

Parameter Type Description
exp string Token expiry date.
iss string Service that signed the JWT. Example: https://login.xsolla.com.
iat string Token creation time.
id string User ID.
name string User’s full name.
email string [i18n] api_param_login_email_desc
type string Authentication type. Can be: ‘proxy’ — login via proxy; ‘social’ — login via social network.
provider string [i18n] api_param_login_prov_name_desc
xsolla_login_access_key string [i18n] api_param_login_access_key_desc

Failed authentication

If the authentication fails, Login will redirect the user to the Error callback URL, if any, or the Callback URL otherwise.

HTTP REQUEST

GET https://<callbackUrl>?error=003-002&error_description=User+not+found&login_url=https://site.com/fail_url

Parameter Type Description
error_description string Error description. Required.
error string Error code.
redirect_url string [i18n] api_param_login_auth_redir_url_desc