Authentication

Heimdall service currently supports:

  • Microsoft Authentication Library (MSAL)

  • Xbox Authentication Library (XAL)

XAL is usually used by game instances, whereas MSAL is used by tester and automation tools.

XAL

To use XAL currently, you must configure your title with the Heimdall service endpoints on Partner Center.

Partner Center

Step 1: Navigate to single sign on under Xbox services for your title configuration on Partner Center:

../../_images/single_sign_on.png

Step 2: Add a new endpoint as shown below

../../_images/new_endpoint.png

Step 3: Add the Heimdall service endpoint https://studiosqaheimdall.azurewebsites.net and the audience URL as rp://studiosqaheimdall.azurewebsites.net

../../_images/configure_endpoint.png

NOTE: If you are using a unique instance of the Heimdall Service, a new relying party must be created configured with your unique instance endpoint. Contact SQTechSupport@microsoft.com for more information.

Game Side

Heimdall provides a XblHttpClient for XAL authentication. Since Heimdall is not responsible to manage users in Xbox live game applications, the user must provide a class or struct that contains a static method to grab the XblContextHandle that the client will use to send requests.

If a nullptr is returned, Heimdall will log that no user was found on the client side and will keep retrying automatically according to the HeimdallRetrier logic.