跳转到内容

LiveOps API (2.0.0)

Overview

  • Version: 2.0.0
  • Servers: https://store.xsolla.com/api
  • Contact Us by Email
  • Contact URL: https://xsolla.com/
  • Required TLS version: 1.2

LiveOps is a toolkit for driving ongoing player engagement through promotions and personalized offers.

Use the API to manage the following features:

  • Promotions — create and manage coupons, promo codes, discounts, and bonus campaigns.
  • Personalization — specify the conditions for displaying the item catalog and applying promotions only for certain authorized users.
  • Promotion limits — set a limit on how many times a promotion can be used by a user and configure scheduled resets for these limits.
  • Reward chains & Value points — configure reward progressions tied to value point accumulation.
  • Daily chains — set up recurring daily rewards to motivate regular logins.
  • Offer chains — build sequential purchase offers with per-step pricing and free reward options.
  • Upsell — a sales method in which the user is offered to buy an item with additional value.

API calls

The API is divided into the following groups:

  • Admin — calls for creating, updating, activating, and deleting campaigns and chain configurations. Authenticated via basic access authentication with your merchant or project credentials.
  • Client — calls for retrieving available promotions, getting active chains, redeeming codes, and claiming rewards on behalf of authenticated end users. Authenticated via user JWT.

Authentication

API calls require authentication either on behalf of a user or on behalf of a project. The authentication scheme used is specified in the Security section in the description of each call.

Authentication using user's JWT

User's JWT authentication is used when a request is sent from a browser, mobile application, or game. In this case, a user's JWT is used. By default, the XsollaLoginUserJWT scheme is applied. For details on how to create a token, see the Xsolla Login API documentation.

The token is passed in the Authorization header in the following format: Authorization: Bearer <user_JWT>, where <user_JWT> is the user token. The token identifies the user and provides access to personalized data. You can try this call using the following test token:

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE5NjIyMzQwNDgsImlzcyI6Imh0dHBzOi8vbG9naW4ueHNvbGxhLmNvbSIsImlhdCI6MTU2MjE0NzY0OCwidXNlcm5hbWUiOiJ4c29sbGEiLCJ4c29sbGFfbG9naW5fYWNjZXNzX2tleSI6IjA2SWF2ZHpDeEVHbm5aMTlpLUc5TmMxVWFfTWFZOXhTR3ZEVEY4OFE3RnMiLCJzdWIiOiJkMzQyZGFkMi05ZDU5LTExZTktYTM4NC00MjAxMGFhODAwM2YiLCJlbWFpbCI6InN1cHBvcnRAeHNvbGxhLmNvbSIsInR5cGUiOiJ4c29sbGFfbG9naW4iLCJ4c29sbGFfbG9naW5fcHJvamVjdF9pZCI6ImU2ZGZhYWM2LTc4YTgtMTFlOS05MjQ0LTQyMDEwYWE4MDAwNCIsInB1Ymxpc2hlcl9pZCI6MTU5MjR9.GCrW42OguZbLZTaoixCZgAeNLGH2xCeJHxl8u8Xn2aI

Alternatively, you can use a token for opening the payment UI.

Basic HTTP authentication

Basic HTTP authentication is used for server-to-server interactions, when an API call is sent directly from your server rather than from a user's browser or mobile application. HTTP Basic authentication with an API key is typically used.

Note

The API key is confidential and must not be stored or used in client applications.

With basic server-side authentication, all API requests must include the following header:

  • for basicAuthAuthorization: Basic <your_authorization_basic_key>, where your_authorization_basic_key is the project_id:api_key pair encoded in Base64
  • for basicMerchantAuthAuthorization: Basic <your_authorization_basic_key>, where your_authorization_basic_key is the merchant_id:api_key pair encoded in Base64

You can find the parameter values in Publisher Account:

  • merchant_id is displayed:
    • In Company settings > Company.
    • In the URL in the browser address bar on any Publisher Account page. The URL has the following format: https://publisher.xsolla.com/<merchant_id>.
  • project_id is displayed:
    • Next to the project name in Publisher Account.
    • In the URL in the browser address bar when working on a project in Publisher Account. The URL has the following format: https://publisher.xsolla.com/<merchant_id>/projects/<project_id>.
  • api_key is shown in Publisher Account only at the time of creation and must be stored securely on your side. You can create an API key in the following sections:
Notice

If a required API call doesn't include the project_id path parameter, use an API key that is valid across all company projects for authorization.

For more information about working with API keys, see the API references.

Authentication with guest access support

The AuthForCart authentication scheme is used for cart purchases and supports two modes:

  1. Authentication with a user's JWT. The token is passed in the Authorization header in the following format: Authorization: Bearer <user_JWT>, where <user_JWT> is the user token. The token identifies the user and provides access to personalized data. You can try this call using the following test token:
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE5NjIyMzQwNDgsImlzcyI6Imh0dHBzOi8vbG9naW4ueHNvbGxhLmNvbSIsImlhdCI6MTU2MjE0NzY0OCwidXNlcm5hbWUiOiJ4c29sbGEiLCJ4c29sbGFfbG9naW5fYWNjZXNzX2tleSI6IjA2SWF2ZHpDeEVHbm5aMTlpLUc5TmMxVWFfTWFZOXhTR3ZEVEY4OFE3RnMiLCJzdWIiOiJkMzQyZGFkMi05ZDU5LTExZTktYTM4NC00MjAxMGFhODAwM2YiLCJlbWFpbCI6InN1cHBvcnRAeHNvbGxhLmNvbSIsInR5cGUiOiJ4c29sbGFfbG9naW4iLCJ4c29sbGFfbG9naW5fcHJvamVjdF9pZCI6ImU2ZGZhYWM2LTc4YTgtMTFlOS05MjQ0LTQyMDEwYWE4MDAwNCIsInB1Ymxpc2hlcl9pZCI6MTU5MjR9.GCrW42OguZbLZTaoixCZgAeNLGH2xCeJHxl8u8Xn2aI

Alternatively, you can use a token for opening the payment UI.

  1. Simplified mode without Authorization header. This mode is used only for unauthorized users and can be applied only for game key sales. Instead of a token, the request must include the following headers:
    • x-unauthorized-id with a request ID
    • x-user with the user's email address encoded in Base64

Core entity structure

Items of all types (virtual items, bundles, virtual currency, and keys) use a similar data structure. Understanding the basic structure simplifies working with the API and helps you navigate the documentation more easily.

Note

Some calls may include additional fields but they don't change the basic structure.

Identification

  • merchant_id — company ID in Publisher Account
  • project_id — project ID in Publisher Account
  • sku — item SKU, unique within the project

Store display

  • name — item name
  • description — item description
  • image_url — image URL
  • is_enabled — item availability
  • is_show_in_store — whether the item is displayed in the catalog

For more information about managing item availability in the catalog, see the documentation.

Organization

  • type — item type, for example, a virtual item (virtual_item) or bundle (bundle)
  • groups — groups the item belongs to
  • order — display order in the catalog

Sale conditions

  • prices — prices in real or virtual currency
  • limits — purchase limits
  • periods — availability periods
  • regions — regional restrictions

Example of core entity structure:

{
  "attributes": [],
  "bundle_type": "virtual_currency_package",
  "content": [
    {
      "description": {
        "en": "Main in-game currency"
      },
      "image_url": "https://.../image.png",
      "name": {
        "en": "Crystals",
        "ru": "Crystals"
      },
      "quantity": 500,
      "sku": "com.xsolla.crystal_2",
      "type": "virtual_currency"
    }
  ],
  "description": {
    "en": "Crystals x500"
  },
  "groups": [],
  "image_url": "https://.../image.png",
  "is_enabled": true,
  "is_free": false,
  "is_show_in_store": true,
  "limits": {
    "per_item": null,
    "per_user": null,
    "recurrent_schedule": null
  },
  "long_description": null,
  "media_list": [],
  "name": {
    "en": "Medium crystal pack"
  },
  "order": 1,
  "periods": [
    {
      "date_from": null,
      "date_until": "2020-08-11T20:00:00+03:00"
    }
  ],
  "prices": [
    {
      "amount": 20,
      "country_iso": "US",
      "currency": "USD",
      "is_default": true,
      "is_enabled": true
    }
  ],
  "regions": [],
  "sku": "com.xsolla.crystal_pack_2",
  "type": "bundle",
  "vc_prices": []
}

Pagination

API calls that return large sets of records (for example, when building a catalog) return data in pages. Pagination is a mechanism that limits the number of items returned in a single API response and allows you to retrieve subsequent pages sequentially.

Use the following parameters to control the number of returned items:

  • limit — number of items per page
  • offset — index of the first item on the page (numbering starts from 0)
  • has_more — indicates whether another page is available
  • total_items_count — total number of items

Example request:

GET /items?limit=20&offset=40

Response example:

{
  "items": [...],
  "has_more": true,
  "total_items_count": 135
}

It is recommended to send subsequent requests until the response returns has_more = false.

Date and time format

Dates and time values are passed in the ISO 8601 format.

The following are supported:

  • UTC offset
  • null value when there is no time restriction for displaying an item
  • Unix timestamp (in seconds) used in some fields

Format: YYYY-MM-DDTHH:MM:SS±HH:MM

Example: 2026-03-16T10:00:00+03:00

Localization

Xsolla supports localization of user-facing fields such as item name and description. Localized values are passed as an object where the language code is used as the key. The full list of supported languages is available in the documentation.

Supported fields

Localization can be specified for the following parameters:

  • name
  • description
  • long_description

Locale format

The locale key can be specified in one of the following formats:

  • Two-letter language code: en, ru
  • Five-letter language code: en-US, ru-RU, de-DE

Examples

Example with a two-letter language code:

{
  "name": {
    "en": "Starter Pack",
    "ru": "Стартовый набор"
  }
}

Example with a five-letter language code:

{
  "description": {
    "en-US": "Premium bundle",
    "de-DE": "Premium-Paket"
  }
}

Error response format

If an error occurs, the API returns an HTTP status and a JSON response body. The full list of store-related errors is available in the documentation.

Response example:

{
  "errorCode": 1102,
  "errorMessage": "Validation error",
  "statusCode": 422,
  "transactionId": "c9e1a..."
}
  • errorCode — error code.
  • errorMessage — short error description.
  • statusCode — HTTP response status.
  • transactionId — request ID. Returned only in some cases.
  • errorMessageExtended — additional error details, such as request parameters. Returned only in some cases.

Extended response example:

{
  "errorCode": 7001,
  "errorMessage": "Chain not found",
  "errorMessageExtended": {
    "chain_id": "test_chain_id",
    "project_id": "test_project_id",
    "step_number": 2
  },
  "statusCode": 404
}

Common HTTP status codes

  • 400 — invalid request
  • 401 — authentication error
  • 403 — insufficient permissions
  • 404 — resource not found
  • 422 — validation error
  • 429 — rate limit exceeded

Recommendations

  • Handle the HTTP status and the response body together.
  • Use errorCode to process errors related to application logic.
  • Use transactionId to identify requests more quickly when analyzing errors.
下载 OpenAPI 描述
index.json
index.yaml
语言
服务器
https://store.xsolla.com/api/
Mock server
https://xsolla.redocly.app/_mock/zh/api/liveops/

通用

操作

优惠券

此API让您可以管理优惠券。

操作

促销码

此API让您可以管理促销码。

操作

特别目录优惠

此API让您可以管理特别目录优惠活动。

操作

折扣

此API让您可以管理折扣促销活动。

操作

奖励

此API让您可以管理奖励促销活动。

操作

个性化目录

此API可让您针对用户属性指定规则。如果用户满足具体规则的所有条件,则会显示个性化商品。

有关个性化促销活动的信息,请参阅促销活动部分

要在购买前传递属性,您可以使用艾克索拉Login API或在使Pay Station API生成令牌时将它们传入user.attributes属性

操作

获取目录筛选规则列表Server-sideAdmin

请求

获取应用于用户属性的所有规则。

安全
basicAuth
路径
project_idinteger必需

项目ID。您可以在您的发布商帐户项目名称旁边找到。

示例: 44056
查询
limitinteger>= 1

页面上元素数量的限制。

示例: limit=50
offsetinteger>= 0

元素编号,从该元素开始生成列表(从0开始数)。

示例: offset=0
is_enabledinteger

通过is_enabled标志筛选元素。

curl -i -X GET \
  -u <username>:<password> \
  'https://store.xsolla.com/api/v2/project/44056/admin/user/attribute/rule?limit=50&offset=0&is_enabled=0'

响应

规则已成功接收。

正文application/json
has_moreboolean

如果存在其他带规则的页面。

itemsArray of objects(user-attribute_personalized-catalog)
total_items_countnumber

规则总数。

响应
application/json
{
  "has_more": true,
  "items": [
    {}
  ],
  "total_items_count": 20
}

创建目录筛选规则Server-sideAdmin

请求

创建用户属性的规则。

安全
basicAuth
路径
project_idinteger必需

项目ID。您可以在您的发布商帐户项目名称旁边找到。

示例: 44056
正文application/json
attribute_conditionsArray of type = string (object) or type = number (object) or type = date (object)(personalized-catalog_user-attribute_conditions_model-post)[ 1 .. 100 ] items必需

用户属性验证条件。 根据用户属性是否满足所有指定条件来确定目录商品可用性。

One of:
attribute_conditions[].​attributestring(user-attribute_conditions_properties_attribute)[ 1 .. 255 ] characters^[-_.\d\w]+$必需

用户属性代码。

attribute_conditions[].​can_be_missingboolean(user-attribute_conditions_properties_can_be_missing)

表示即使用户属性中缺少属性仍满足条件。传递true可向不具有此属性的用户显示该项目。具有该属性但值与条件中指定的值不匹配的用户将看不到该商品。传递false则具有该属性但值与条件中指定的值不匹配或缺少该属性的用户将看不到该商品。

attribute_conditions[].​operatorstring(user-attribute_conditions_properties_operator_string)必需

按条件执行的操作类型。用于string属性类型。

枚举 值描述
eq

等于

ne

不等于

attribute_conditions[].​typestring(user-attribute_conditions_properties_type-string)必需

用户属性类型。

"string"
attribute_conditions[].​valuestring(user-attribute_conditions_properties_value)<= 255 characters必需

与用户属性值进行比较的条件值。类型取决于属性类型。

is_enabledboolean必需

如果已启用规则。

is_satisfied_for_unauthboolean

是否向未经授权的用户显示该商品。如为true,无论目录显示规则如何,该商品都会向未经授权的用户显示。默认为false

itemsArray of objects[ 1 .. 100 ] items必需
One of:

属性值满足条件的情况下向用户显示的商品。

items[].​item_idnumber必需

物品ID。

namestring[ 1 .. 255 ] characters^\S必需

规则的可读名称。用于在发布商帐户中显示规则。

curl -i -X POST \
  -u <username>:<password> \
  https://store.xsolla.com/api/v2/project/44056/admin/user/attribute/rule \
  -H 'Content-Type: application/json' \
  -d '{
    "attribute_conditions": [
      {
        "attribute": "race",
        "can_be_missing": false,
        "operator": "eq",
        "type": "string",
        "value": "ork"
      }
    ],
    "is_enabled": true,
    "is_satisfied_for_unauth": false,
    "items": [
      {
        "item_id": 1
      }
    ],
    "name": "Ork race armor rule"
  }'

响应

规则已成功创建。

正文application/json
rule_idnumber

规则ID。

响应
application/json
{
  "rule_id": 1
}

获取所有目录规则以供在客户端搜索Server-sideAdmin

请求

获取所有目录规则列表以供在客户端搜索。

注意:

仅返回规则ID、名称和is_enabled
安全
basicAuth
路径
project_idinteger必需

项目ID。您可以在您的发布商帐户项目名称旁边找到。

示例: 44056
curl -i -X GET \
  -u <username>:<password> \
  https://store.xsolla.com/api/v2/project/44056/admin/user/attribute/rule/all

响应

规则已成功接收。

正文application/json
itemsArray of objects(user-attribute_personalized-catalog_all)
响应
application/json
{
  "items": [
    {},
    {}
  ]
}

管理

操作

管理

操作

客户端

操作

公会客户端

操作

管理

操作

客户端

操作

管理

操作

客户端

操作

管理

操作

客户端

操作