Here is the code:
"https://login.live.com/oauth20_authorize.srf?client_id=" +
process.env.MIX_LIVE_CLIENT_ID +
"&scope=service::user.auth.xboxlive.com::MBI_SSL&response_type=code&redirect_uri=" +
process.env.MIX_LIVE_REDIRECT_URL +
"&state=ClientStateGoesHere"
This is the scope I have created in the microsoft azure account.
scope=service::user.auth.xboxlive.com::MBI_SSL
But I am getting below error when open the page for login using xbox.
I have researched a lot about this and found that Xbox live scope is a service scope that is already authorized in every client. But service scope doesn't work in response_type
token. It must be set to response_type: 'code'
Change scope to the actual service scope of Azure AD ie XboxLive.signin
and another optional scope is XboxLive.offline_access
to get refresh token.
By the way, I guess the service::user.auth.xboxlive.com::MBI_SSL
requires ID@Xbox to use it.
You need to use XboxLive.SignIn
scope, I guess service::user.auth.xboxlive.com::MBI_SSL
scope requires some of Xbox developer program (like ID@Xbox or Xbox Creators Program)
What's the difference between these scopes?
The service::user.auth.xboxlive.com::MBI_SSL
scope allow you to get authorization from the user and the user doesn't have to authorize your application manually, but it requires some of Xbox partnership program (or something like that).
The XboxLive.SignIn
scope is available to all users and apps, but it requires manual authorization from user since your app is not considered "trusted" if your app doesn't have any Xbox developer program joined.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.