Exchanges the user JWT from Steam, Xbox, or Epic Games to the JWT in your project (projectId
).
To enable silent authentication, use the instruction.
client_id required | integer Your application ID. Get it after creating an OAuth 2.0 client. |
response_type required | string Grant type used in your project that has the enabled OAuth 2.0 protocol. Must be |
state required | string Value used for additional user verification. Often used to mitigate CSRF Attacks. The value will be returned in the response. Must be longer than 8 symbols. |
redirect_uri | string URL to redirect the user to after account confirmation, successful authentication, or password reset confirmation. To set up this parameter, contact your Customer Success Manager or email to csm@xsolla.com. Notice
The parameter is required if you have more than one redirect URI in your project settings. |
session_ticket | string Session ticket received from the platform encoded according to the Base64 standard. |
scope | string Scope is a mechanism in OAuth 2.0 to limit an application’s access to a user’s account. Can be:
If you process your own values of the |
audience | string Identification parameter of the application the token was issued for. Parameter value will be passed in the |
app_id | string Your app ID on the platform. Required if the platform where the user is authorized is Steam. |
code | string Code received from the platform. |
is_redirect | boolean Default: true Shows how the Xsolla Login server should respond. If you set:
|
no_user_creation | boolean Default: false Do not create new user if they not exist yet. Existing users will be authorized as usual |
OK
Redirection
Bad Request
Not Found
Unprocessable Entity
Too Many Requests
curl --request GET \ --url 'https://login.xsolla.com/api/oauth2/social/{oauth2_cross_social_provider_name}/cross_auth?client_id=SOME_INTEGER_VALUE&response_type=SOME_STRING_VALUE&redirect_uri=SOME_STRING_VALUE&state=SOME_STRING_VALUE&session_ticket=SOME_STRING_VALUE&scope=SOME_STRING_VALUE&audience=SOME_STRING_VALUE&app_id=SOME_STRING_VALUE&code=SOME_STRING_VALUE&is_redirect=true&no_user_creation=false'
{- "login_url": "string"
}