
OAuth 2.0 authorization

GET /oauth2/auth

Checks for a valid SSO session. Redirects to the URL passed in the redirect_uri parameter with an authorization code.

Request
query Parameters
response_type
required
string

Set to code, indicating that the application expects to receive an authorization code on success.

Value: "code"
client_id
required
integer

Your application ID. Obtained after creating an OAuth 2.0 client.

redirect_uri
required
string

This URL must match one of the URLs the developer registered when creating the application, and the authorization server should reject the request if it does not match. To set up this parameter, contact your Customer Success Manager.

scope
required
string

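The request can have one or more scope values indicating additional access requested by the application. The authorization server will need to display the requested scopes to the user.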

state
required
string

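The state parameter is used by the application to store request-specific data and/or prevent CSRF attacks. The authorization server must return the unmodified state value to the application. This is a recommended parameter.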

audience
required
string

The audience parameter may contain multiple strings separated by a URL-encoded space (+ or %20). The audience values themselves must also be URL-encoded.

popup
boolean
Default: false

If true is passed, the method redirects to the widget first and then to the partner's callback. If false, the method redirects straight to the partner's callback.

code_challenge
string

Challenge generated from the code_verifier (https://datatracker.ietf.org/doc/html/rfc7636#section-4-2).

code_challenge_method
string

Method used to generate the challenge. For now, you can only use the method S256 to generate code_challenge.

Value: "S256"
widget_only
boolean

Service parameter for pop up flow. Does not affect API behaviour.

enable_post_message_login
boolean

Service parameter for pop up flow. Does not affect API behaviour.

disable_socials
boolean

Service parameter for pop up flow. Does not affect API behaviour.
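The following Python sketch is an added example, not part of the original reference: it builds a request with the parameters above (an S256 code_challenge per RFC 7636, a random state, space-separated scope and audience) and checks state on the callback. The host name, the sample scope and audience values, and the callback's `code` query parameter name (standard per RFC 6749) are assumptions.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Placeholder host: the page gives only the path /oauth2/auth.
AUTH_ENDPOINT = "https://login.example.invalid/oauth2/auth"


def s256_challenge(code_verifier: str) -> str:
    """RFC 7636 section 4.2: BASE64URL(SHA256(ASCII(verifier))), no padding."""
    digest = hashlib.sha256(code_verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


def build_auth_request(client_id, redirect_uri, scopes, audiences):
    """Return (url, state, code_verifier); keep the last two in the user's session."""
    state = secrets.token_urlsafe(32)          # unguessable CSRF token
    code_verifier = secrets.token_urlsafe(64)  # 86 chars, within RFC 7636's 43-128
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,          # must match a registered URL
        "scope": " ".join(scopes),
        "state": state,
        "audience": " ".join(audiences),       # urlencode turns the separator into '+'
        "code_challenge": s256_challenge(code_verifier),
        "code_challenge_method": "S256",
    }
    return AUTH_ENDPOINT + "?" + urlencode(params), state, code_verifier


def code_from_callback(callback_url: str, expected_state: str) -> str:
    """Extract the authorization code only if state matches the stored value."""
    query = parse_qs(urlsplit(callback_url).query)
    returned = query.get("state", [""])[0]
    # Constant-time comparison against the value stored before redirecting.
    if not hmac.compare_digest(returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch: discard this callback")
    if "code" not in query:
        raise ValueError("callback carries no authorization code")
    return query["code"][0]
```

The code_verifier never appears in the authorization URL; it stays server-side or in the client's session until the authorization code is exchanged.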

Responses
302

Redirect

400

Bad Request

404

Not Found

418

I'm a teapot

422

Unprocessable Entity

429

Too Many Requests

Response samples
{
  "error": {
  }
}