Simplifies the integration of the Web Shop with the game.
The authentication widget does not require registration or password entry. A user simply needs to enter the user ID from the game or use the same social network account for login as for logging in to the game.
Note
Use user ID authentication if Xsolla Login isn’t set up in your game.
Provides a wide range of authorization methods: social networks, one-time codes or links, and login and password.
Allows you to customize the Xsolla Login widget.
You can impose age restrictions on authorization.
Note
Use Xsolla login authentication if this solution is already set up in your game.
For any of the authentication method, you can add a Fast Login block to your site.
User flow
The user goes to Web Shop with user ID authentication configured.
The user authorizes in the Web Shop in one of the following ways:
The user enters their ID in the Fast Login block and clicks the login button.
The user clicks the buy button for the selected item or the login button on the top bar:
A modal window for entering the user ID or logging in through a social network opens.
User enters their ID and clicks Continue or clicks on the social networks icon to choose a social network and completes authentication on the social network page.
The system checks if a user exists in the game. If a user with this ID or social account exists in the game, the user is authorized in the Web Shop. Otherwise an error message is displayed.
Webhook URLs should start with https://. Using http:// will cause an error.
Note
Xsolla storage is used by default. We recommend that you do not change it in Publisher Account since Xsolla storage provides a wider variety of settings.
Set up authorization via social networks already connected to your application (optional):
Go to the Authentication block and select Social login.
To set up a social network, go to the social network card, click the ⚙ icon to the right of the title, and select Connect.
Note
To use social network authorization, in the social network card settings, specify the Application ID and secret of the application in your project. The Application ID and secret are available from the developer account of the social provider. Detailed instructions for locating the Application ID and secret are available in the social network card settings in Publisher Account.
User flow
The user goes to Web Shop with Xsolla Login authentication configured.
The user clicks the buy button for the selected item, the login button on the top bar, or the login button in the Fast Login block.
A modal window opens with authorization methods set up in Xsolla Login.
The user proceeds to authorization and enters additional data if necessary.
The system checks if the user exists in the game. If the user exists in the game, the user is authorized in Web Shop. Otherwise an error message is displayed.
How to get it
In the Builder for your site, go to the Login settings block.
Select the Xsolla Login authorization option.
In the drop-down list, select New Login.
Note
As a result, the Login project with user authentication by email and password will be automatically created. For the created Login project, the Web Shop URL will be specified as a callback URL that the user will be redirected to in the following cases:
after successful authentication
after successful email confirmation
after password reset
in case of authentication failure
When you change the domain of Web Shop, the callback URL in the Login project settings changes automatically.
Go to the Login project settings from the modal window or click Set up authentication method in the Xsolla Login block.
Note
For authentication in Web Shop, set up the same social networks as for authentication in your application. If social networks are not set up, user authentication by email address and password will be available.
When setting up the authentication in Web Shop via social networks, use the same Application ID and Application Secret as for authentication in your application.
If you want the Login product to process all authentication logic, connect to Xsolla storage. More flexible settings will be available to you.
When you create a Login project, Xsolla storage is connected by default, no additional steps are required to configure it. If you have changed the default storage type and need to reconnect to Xsolla storage, follow these steps:
Go to the User database block and select the Storage section.
Select Xsolla storage and click Save changes.
Note
Xsolla storage supports JWT standard-based and OAuth 2.0 protocol-based authentication. All user information is stored on Xsolla’s side.
PlayFab storage
If you want to use PlayFab functionality to work with users, connect to PlayFab storage. The storage saves the following user data:
username
user email address
user password
fields from an extended registration form if the form is set up
Note
PlayFab storage supports JWT standard-based and OAuth 2.0 protocol-based authentication.
PlayFab storage gives you access to the following features:
user registration
authentication by email address or username and password
authentication via Twitch
user password reset
user blocking
To connect the storage:
Go to the User database block and select the Storage section.
Select PlayFab.
In the Title ID field, enter the value of the same field from your PlayFab account.
Click Save changes.
Note
All user information is stored on Xsolla’s side. User passwords are verified by PlayFab only.
Firebase storage
If you want to use Firebase functionality to work with users, connect to Firebase storage. This storage saves the following user data:
username
user email address
user password
fields from an extended registration form if the form is set up
Note
Firebase storage supports JWT standard-based and OAuth 2.0 protocol-based authentication.
To connect the storage:
Go to the User database block and select the Storage section.
Select Firebase.
In the API key field, enter the value of the same field from your Firebase account.
Click Save changes.
Note
All user information is stored in the JSON format and is updated in real time with every connected client.
Custom storage
If you use your own authorization system and store user data on your application side, connect to custom storage.
The custom storage gives you access to the following features:
user registration
authentication by email address or username and password
For the URLs you have set, implement an API that will respond as follows:
HTTP 200 / HTTP 204 for successful requests. If required, a JSON containing additional user data can be placed in the response body. The passed data is written to a JWT (the partner_data parameter).
Other HTTP status codes for unsuccessful requests.
Note
If you want the JWT to contain the user ID from your database, contact your Customer Success Manager or email to csm@xsolla.com.
For passwordless authentication via a phone number to work correctly, your API response must contain the account_id parameter that matches the user ID from the client.
Set up processing of requests from Xsolla Login server
Xsolla Login server requests are sent to URLs, you specified in Publisher Account, with the Authorization: Bearer <JWT> header. The JWT is signed with the secret key of your project.
Access token of the social network through which the user was authenticated. To enable the transmission of this claim, contact your Customer Success Manager or email to csm@xsolla.com.
The Fast Login block provides users with an additional way to authenticate on the site.
The appearance of the block and its features depend on the selected authentication method.
If authentication via user ID is configured for the site, the Fast Login block displays a field for entering the ID and a login button.
Features:
User authentication without additional transition to the modal window.
Setting up the content of the block. You can enable and configure the following sections:
Title
Description
Instructions on how to find the user ID
Custom background
You can also expand the features of the block, for example, add text, a button, or an image, using JS code.
If authentication via Xsolla Login is configured for the site, an additional button calling for authorization is displayed in the Fast Login block. When you click on the button in the block, a modal window opens for authorization using one of the Xsolla Login methods.
Features:
Setting up the text of the button calling for authorization
Setting up a custom background
You can also expand the features of the block, for example, add text, a button, or an image, using JS code.
For new sites, the Fast Login block is added to the Web Shop template by default, and you can remove it if necessary.
If you created a site earlier and it doesn’t have a Fast Login block, you can add it.
In the Sites section, select your site and click Open Site Builder.
Click Add block.
Choose Fast Login block.
Note
To use the Fast Login block, an authorization option should be chosen in advance from the drop-down list in the Login settings section.
For the user ID authentication method in the Login settings section, you also need to specify the URL to receive the webhook. If you don’t specify it, the site can’t be published because user authentication will be unavailable.
User authentication during site preview is possible without adding a webhook URL.