Xsolla-logo

静默认证

get/oauth2/social/{oauth2_cross_social_provider_name}/cross_auth

Exchanges the user JWT from Steam, Xbox, or Epic Games to the JWT in your project (projectId). To enable silent authentication, use the instruction.

Request
path Parameters
oauth2_cross_social_provider_name
required
string

Name of the platform the user authorized in. Can be steam, xbox, epicgames.

query Parameters
client_id
required
integer

您的应用程序ID。在创建OAuth 2.0客户端后获取。

response_type
required
string

启用了OAuth 2.0协议项目中使用的授权类型。必须是code才能在响应中获取用户认证代码。必须通过生成JWT调用将收到的代码交换给JWT以完成用户认证。

state
required
string

用于额外用户验证的值。通常用于抵御CSRF攻击。该值将在响应中返回。必须长于8个符号。

redirect_uri
string

URL to redirect the user to after account confirmation, successful authentication, or password reset confirmation. To set up this parameter, contact your Account Manager.

Notice. The parameter is required if you have more than one redirect URI in your project settings.
app_id
string

您在平台中的应用ID。

scope
string

范围是OAuth 2.0中的一种机制,用于限制应用程序对用户帐户的访问。

可以是:

如果您要处理上面未提及的自定义scope参数值,可以在使用此调用时设置这些参数。艾克索拉登录管理器服务器不会处理这些值,但会在收到的JWT中返回它们。

audience
string

The "aud" (audience) claim identifies the recipients that the JWT is intended for. Each principal intended to process the JWT MUST identify itself with a value in the audience claim. If the principal processing the claim does not identify itself with a value in the "aud" claim when this claim is present, then the JWT MUST be rejected. In the general case, the "aud" value is an array of case- sensitive strings, each containing a StringOrURI value. In the special case when the JWT has one audience, the "aud" value MAY be a single case-sensitive string containing a StringOrURI value. The interpretation of audience values is generally application specific. Use of this claim is OPTIONAL.

session_ticket
string

从平台收到的会话票证。

code
string

从平台收到的代码。

is_redirect
boolean
Default: true

显示艾克索拉登录管理器服务器应如何响应。如果设置:

  • true值,艾克索拉登录管理器服务器将返回302响应代码。包含用户JWT以用于用户重定向的URL在Location标头中。
  • false值,艾克索拉登录管理器服务器返回200响应代码。包含用户JWT以用于用户重定向的URL在响应正文中。
Responses
200

确定

302

重定向

400

错误的请求

404

未找到

422

无法处理的实体

429

请求过多

Request samples
Response samples
application/json
{
  • "login_url": "string"
}