[OAuth 2.0] Silent authentication Client-side
Exchanges a platform-specific authentication credential (a session ticket/exchange code/authorization token) from Epic Games, Steam, or Xbox for the JWT in your project (projectId).
You will get the link to redirect the user to your project.
To enable silent authentication, use the instruction.
path Parameters
query Parameters
| client_id required | integer Your application ID. Get it after creating an OAuth 2.0 client. |
| response_type required | string Grant type used in your project that has the enabled OAuth 2.0 protocol. Must be |
| state required | string Value used for additional user verification. Often used to mitigate CSRF Attacks. The value will be returned in the response. Must be longer than 8 symbols. |
| redirect_uri | string URL to redirect the user to after account confirmation, successful authentication, or password reset confirmation. To set up this parameter, contact your Customer Success Manager or email to csm@xsolla.com. Notice
The parameter is required if you have more than one redirect URI in your project settings. |
| session_ticket | string Required. A credential received from a platform during user authentication, encoded according to the Base64 standard. Depending on the social provider, it can be: - an exchange code for Epic Games - a session ticket for Steam - an Xbox authorization token in the following format: |
| scope | string Scope is a mechanism in OAuth 2.0 to limit an application’s access to a user’s account. Can be:
If you process your own values of the |
| audience | string Identification parameter of the application the token was issued for. Parameter value will be passed in the |
| app_id | string Your app ID on the platform. Required if the platform where the user is authorized is Steam. |
| code | string Code received from the platform. |
| is_redirect | boolean Default: true Shows how the Xsolla Login server should respond. If you set:
|
| no_user_creation | boolean Default: false Do not create new user if they not exist yet. Existing users will be authorized as usual |
| deployment_id | string The deployment ID that the client is trying to authenticate with. This will impact interactions with other services that require a deployment. If the deployment is not public, only users who have been entitled will be able to log in. For more information on deployments and deployment IDs see Product, Sandbox, and Deployment IDs. Note: You must use this unique identifier to use the Ecommerce APIs, and to request access tokens used by game clients. |
OK
Redirection
Bad Request
Not Found
Unprocessable Entity
Too Many Requests
- Curl
- JavaScript
- Node.js
- Python
- C#
- Go
- Java
curl --request GET \ --url 'https://login.xsolla.com/api/oauth2/social/{oauth2_cross_social_provider_name}/cross_auth?client_id=SOME_INTEGER_VALUE&response_type=SOME_STRING_VALUE&redirect_uri=SOME_STRING_VALUE&state=SOME_STRING_VALUE&session_ticket=SOME_STRING_VALUE&scope=SOME_STRING_VALUE&audience=SOME_STRING_VALUE&app_id=SOME_STRING_VALUE&code=SOME_STRING_VALUE&is_redirect=true&no_user_creation=false&deployment_id=SOME_STRING_VALUE'
- 200
- 400
- 404
- 422
- 429
{- "login_url": "string"
}