Xbox Identity Provider
This feature is only available in an Essentials or Enterprise plan. Please visit our pricing page to learn more.
Available since 1.28.0.
This section will cover how to add a Login with Xbox button to FusionAuth. Below is an example login page with the Xbox Identity Provider enabled.
Once you have completed this configuration you will be able to enable the Xbox login button for one or more FusionAuth Applications. Below is an example login page with the Xbox Identity Provider enabled.
Create an Xbox Account
Follow instructions for obtaining a
Client id and
Client secret from the official Xbox documentation.
Create an Xbox Identity Provider
To enable this identity provider for an application, find your application name in the
Applications configuration section at the bottom of this panel. You will always see the
FusionAuth application, this application represents the FusionAuth administrative user interface. If you wish to be able to log into FusionAuth with this provider, you may enable this application.
In the following screenshot you will see that we have enabled this login provider for the
Pied Piper application and enabled
Create registration. Enabling create registration means that a user does not need to be manually registered for the application prior to using this login provider.
For example, when a new user attempts to log into
Pied Piper using Xbox, if their user does not exist in FusionAuth it will be created dynamically, and if the
Create registration toggle has been enabled, the user will also be registered for
Pied Piper and assigned any default roles assigned by the application.
If you do not wish to automatically provision a user for this application when logging in with Xbox, leave
Create registration off. You will need to manually register a user for this application before they may
Sign in with Xbox.
That’s it, now the
Sign in with Xbox button will show up on the login page for the Pied Piper application.
- Client Id Required
The unique client identifier obtained from Xbox. See Xbox - Getting Started.
- Client secret Required
The client secret obtained from Xbox used to authenticate the request. See Xbox - Getting Started.
- Button text Optional
The text to be displayed in the button on the login form. This value is defaulted to
Login with Xboxbut it may be modified to your preference.
- Linking strategy Optional defaults to
Create a pending link
The linking strategy for the Xbox provider. See Linking Strategies for more.
- Reconcile lambda Optional
A lambda maps custom claims returned from Xbox to the FusionAuth User or Registration.
To create or configure a lambda, navigate to See the lambda documentation for more..
- Debug enabled Optional defaults to
Enable debug to create event log entries during the user login process. This will assist you in debugging integration issues.
Building Your Own Integration
If you are building your own login experience, you’ll want to start the identity provider flow yourself and then complete the login.
You might do this if you are using the Login API rather than using the hosted FusionAuth login pages.
Completing the login is documented further in the API.
If you require a refresh token after completing the login, ensure Enable JWT Refresh is
true in the application configuration. This is found in the administrative user interface by navigating to .
How helpful was this page?
See a problem?
Have a question or comment to share?
Visit the FusionAuth community forum.