Sign in with Xbox web API

Question

I need to make users sign in with their Xbox in my application. Here is the snippet of my code:

 base_url = 'https://login.live.com/oauth20_authorize.srf?'
    qs = unquote(urlencode({
        'client_id': 'My client Id',
        'redirect_uri': 'https://localhost:44331',
        'response_type': 'token',
        'display': 'touch',
        'scope': 'service::user.auth.xboxlive.com::MBI_SSL',
        'locale': 'en',
    }))

My problem is i'm not sure where to get my Client Id and how to add that scope. I already registered my add in Azure app registration and got my client Id and added the redirect Url but still not working.

Did you review the documentation: https://learn.microsoft.com/en-us/gaming/xbox-live/using-xbox-live/auth/authentication_nav — sous2817, Jan 20 '20 at 20:46

score 2 · Answer 1 · answered Jan 12 '21 at 21:34

The client_id is supposed to come from an Application in your Azure dashboard.

Go to portal.azure.com and click “App Registrations”.
If you're in a Directory, you might have to click “View all applications from personal account”
Select your application, or create one by clicking “New registration”
Go to “Overview” on the left toolbar, if not already selected
Get client_id from the “Application (client) ID” field.
You may also be interested in:
- client_secret and client_secret_id: got from “Certificates & secrets”
- Configuring allowable return_urls: “Authentication”, “Platform Configurations”, “Web”
- tenant_id: Underneath “Azure Active Directory” (found in the far-left toolbar accessed by the “Hamburger Menu” in the top-left corner), click “Overview”, then find it under “Tenant information”

For a small demo showcasing the bare minimum /oauth20_authorize.srf can need for Xbox Live authorization, see the printf'd URL and the first curl call in gamertag_to_uuid.sh.

i did the same but when i am adding XboxLive.signin in scope it is giving error also that same scope is not there in Azure Active Directory so please guide here. — Harshil shrivastava, May 27 '23 at 12:07
@Harshilshrivastava You don't need to specify the scope in Azure. You just specify that [when offering the user to sign-in](https://github.com/OpenXbox/xbox-webapi-python/blob/v2.0.11/xbox/webapi/authentication/manager.py#L51). — JamesTheAwesomeDude, May 30 '23 at 17:25
Did the same but got seems like a need to configure the Microsoft partner for Xbox — Harshil shrivastava, May 31 '23 at 10:31

score 0 · Answer 2 · edited May 22 '21 at 02:53

0

I have Researched A Lot About This And Found That Xbox live scope is a service scope that is already authorized in every client. But service scope doesn't work in response_type token. It must be set to response_type: 'code'

edited May 22 '21 at 02:53

eyllanesc

235,170
19
170
241

answered May 22 '21 at 02:46

Nishant1500

11
1

You can use the scopes like `XboxLive.signin` and another optional scope is `XboxLive.offline_access`. Credit: [link](https://stackoverflow.com/questions/63898540/how-to-define-the-scope-for-xbox-while-login-with-xbox-in-laravel) – susheel Jul 14 '21 at 12:03

Sign in with Xbox web API

2 Answers2