[OAuth2.0] Auth via device ID

Xsolla Developers

или

Личный кабинет

[OAuth2.0] Auth via device ID Client-side

post/oauth2/login/device/{device_type}

Authenticates a user via a particular device ID.

Request

path Parameters

device_type

required

string

Type of the device.

Enum: "android" "ios" "macos" "windows"

query Parameters

client_id required	integer Your application ID. Get it after creating an OAuth 2.0 client.
response_type required	string Grant type used in your project that has the enabled OAuth 2.0 protocol. Must be `code` to get the user authentication code in the response. The received code must be exchanged to a JWT via the Generate JWT call to finish user authentication.
state required	string Value used for additional user verification. Often used to mitigate CSRF Attacks. The value will be returned in the response. Must be longer than 8 symbols.
redirect_uri	string URL to redirect the user to after account confirmation, successful authentication, or password reset confirmation. To set up this parameter, contact your Customer Success Manager or email to csm@xsolla.com. Notice The parameter is required if you have more than one redirect URI in your project settings.
scope	string Scope is a mechanism in OAuth 2.0 to limit an application’s access to a user’s account. Can be: `email` for Auth via social network or Get link for social auth calls to request an email from the user additionally. `offline` to use `refresh_token` from Generate JWT call to refresh the JWT when it is expired. `playfab` to write SessionTicket to the `session_ticket` claim of the JWT if you store user data at PlayFab. If you process your own values of the `scope` parameter, that are not mentioned above, you can set them when using this call. The Xsolla Login server does not process these values, but returns them in the received JWT.

Request Body schema: application/json

device required	string <= 100 characters Manufacturer and model name of the device.
device_id required	string [ 16 .. 36 ] characters Device ID: For Android, it is an ANDROID_ID constant. For iOS, it is an identifierForVendor property.

Responses

200

400

Bad Request

401

Unauthorized

404

Not Found

422

Unprocessable Entity

429

Too Many Requests

Request samples

application/json

{"device": "ONEPLUS A6003",
"device_id": "1AF516EFACD646F6"
}

Response samples

application/json

{"login_url": "string"
}