# [OAuth 2.0] Auth via access token of social network Authenticates the user with the access token using social network credentials. Endpoint: POST /oauth2/social/{provider_name}/login_with_token Version: v1 ## Path parameters: - `provider_name` (string, required) Name of the social network connected to the Login in Publisher Account. Can have the following values: xsolla, facebook, google, linkedin, twitter, discord, naver, baidu, battlenet, wechat, qq_mobile. ## Query parameters: - `client_id` (integer, required) Your application ID. Get it after creating an OAuth 2.0 client. - `response_type` (string, required) Grant type used in your project that has the enabled OAuth 2.0 protocol. Must be code to get the user authentication code in the response. The received code must be exchanged to a JWT via the Generate JWT call to finish user authentication. - `redirect_uri` (string) URL to redirect the user to after account confirmation, successful authentication, or password reset confirmation. To set up this parameter, contact your Customer Success Manager or email to csm@xsolla.com. Notice The parameter is required if you have more than one redirect URI in your project settings. - `state` (string, required) Value used for additional user verification. Often used to mitigate CSRF Attacks. The value will be returned in the response. Must be longer than 8 symbols. - `scope` (string) Scope is a mechanism in OAuth 2.0 to limit an application’s access to a user’s account. Can be: * email for Auth via social network or Get link for social auth calls to request an email from the user additionally. * offline to use refresh_token from Generate JWT call to refresh the JWT when it is expired. * playfab to write SessionTicket to the session_ticket claim of the JWT if you store user data at PlayFab. If you process your own values of the scope parameter, that are not mentioned above, you can set them when using this call. The Xsolla Login server does not process these values, but returns them in the received JWT. ## Request fields (application/json): - `access_token` (string, required) Access token received from a social network. - `access_token_secret` (string) Parameter oauth_token_secret received from the authorization request. Required for Twitter only. - `openid` (string) Parameter openid received from a social network. Required for Wechat only. ## Response 200 fields (application/json): - `login_url` (string, required) URL generated from the redirect_uri with additional parameters. The code parameter is the user authentication code which must be exchanged to a JWT. ## Response 400 fields (application/json): - `error` (object, required) - `error.code` (string, required) Error code. Example: "003-061" - `error.description` (string, required) Error description. Example: "Object not found." - `error.details` (object) Additional information. ## Response 404 fields (application/json): - `error` (object, required) - `error.code` (string, required) Error code. Example: "003-061" - `error.description` (string, required) Error description. Example: "Object not found." - `error.details` (object) Additional information. ## Response 422 fields (application/json): - `error` (object, required) - `error.code` (string, required) Error code. Example: "003-061" - `error.description` (string, required) Error description. Example: "Object not found." - `error.details` (object) Additional information. ## Response 429 fields (application/json): - `error` (object, required) - `error.code` (string, required) Error code. Example: "003-061" - `error.description` (string, required) Error description. Example: "Object not found." - `error.details` (object) Additional information.