Silent authentication via publishing platform
Silent authentication allows users to log into you application without having to enter their credentials again. With this type of authentication, the Xsolla Login server uses the credentials that the user provided on the application's publishing platform.
To implement silent authentication via the publishing platform:
- Set up the application in the platform developer account.
- Set up silent authentication in Publisher Account.
- Complete integration steps on your application’s side.
Set up silent authentication
In the Login product, two approaches to enabling silent authentication are implemented:
- by configuring the classic login option (see instructions below);
- by creating a shadow Login project (see How to set up a shadow Login project).
To enable silent authentication in the classic login option:
- Open your project in Publisher Account and go to the Login section.
- Click Configure in the panel of a classic login option.
- On the navigation page, go to the Authentication block and select the Publishing platforms section.
- To connect a publishing platform, click the ⚙ icon next to its name and select Settings.
- In the modal window, specify the parameters for the selected platform:
- Application ID — AppID of your account on the platform;
- Application secret key — Web API Key.
- Epic Games:
- Application ID — Client ID of the client of your game on the platform;
- Application secret key — Secret key of the client of your game on the platform.
- Xbox Live:
- Application ID — Application ID/Client ID of your game on the platform;
- Application secret key — Application Secret generated when your game was registered on the platform.
- Click Connect.
- Repeat steps 4 – 6 for other publishing platforms, if required.
Integrate on application side
- Integrate the publishing platform SDK into your application.
- Implement the logic of obtaining the session ticket:
- For Steam, get the session ticket.
- For Xbox Live, form a session ticket based on the platform data after user authentication. The parameter is formed based on the
<xid>— Xbox User ID
<uhs>— user hash
<XSTSToken>— Xbox Secure Token Service
- For Epic Games, get the authorization code (
exchange code) from the platform that is generated after user authentication and is used as a session ticket.
- Implement user authentication logic using SDK methods:
AuthenticateWithSessionTicket— exchanges the session ticket from the publishing platform to Java Web Token (JWT) and authenticates the user.
LogoutUser— ends the active user session.
Was this article helpful?
Rate this page
Don’t want to answer
Thank you for your feedback!
Found a typo or other text error? Select the text and press Ctrl+Enter.