Sign in with Xbox web API

Question

I need to make users sign in with their Xbox in my application. Here is the snippet of my code:

 base_url = 'https://login.live.com/oauth20_authorize.srf?'
    qs = unquote(urlencode({
        'client_id': 'My client Id',
        'redirect_uri': 'https://localhost:44331',
        'response_type': 'token',
        'display': 'touch',
        'scope': 'service::user.auth.xboxlive.com::MBI_SSL',
        'locale': 'en',
    }))

My problem is i'm not sure where to get my Client Id and how to add that scope. I already registered my add in Azure app registration and got my client Id and added the redirect Url but still not working.

Answer 1

The client_id is supposed to come from an Application in your Azure dashboard.

• Go to portal.azure.com and click “App Registrations”.

• If you're in a Directory, you might have to click “View all applications from personal account”

• Select your application, or create one by clicking “New registration”

• Go to “Overview” on the left toolbar, if not already selected

• Get client_id from the “Application (client) ID” field.
  You may also be interested in:

  • client_secret and client_secret_id: got from “Certificates & secrets”

  • Configuring allowable return_urls: “Authentication”, “Platform Configurations”, “Web”

  • tenant_id: Underneath “Azure Active Directory” (found in the far-left toolbar accessed by the “Hamburger Menu” in the top-left corner), click “Overview”, then find it under “Tenant information”

---

For a small demo showcasing the bare minimum /oauth20_authorize.srf can need for Xbox Live authorization, see the printf'd URL and the first curl call in gamertag_to_uuid.sh.

Answer 2

I have Researched A Lot About This And Found That Xbox live scope is a service scope that is already authorized in every client. But service scope doesn't work in response_type token. It must be set to response_type: 'code'