Get data of User's XBOX account

Question

I want to extract data from a user's Xbox account. i.e. I want to extract the user's summaries/profileStats/profileStats/UserStats or whatever Xbox calls it.

The process I followed:

I registered an application in Azure Portal. Then on my client (Angular), I authorize the user using the following endpoint:

https://login.live.com/oauth20_authorize.srf?client_id=${clientId}&approval_prompt=auto&response_type=code&scope=${scopes}&redirect_uri=${redirect}

I extract the code from this and then I am able to get the user's access token, refresh token and user_id using postman:

But I cannot find any resources to Xbox's Developer API. Thus I don't know which endpoints to call the get the User's information.

I have found OpenXBL, but it is not the official Xbox development API and I cannot figure out how to use it.

Thus what is the official Xbox Web API or can anyone provide me with an endpoint URL which to call to get a user's Xbox information?

Answer 1

Using this method you will be able to extract the userName and the age group of the user's Xbox account. The other claims' meaning are unknown to me.

Get Access_Token via code:

After calling the endpoint in the question you will get the code.

Using the code you can get make a call to the following endpoint:

The url is: https://login.live.com/oauth20_token.srf

Note: This token is not in JWT format.

• The redirect_url should be registered in your application in Azure devops*

Get JWT token via access_token:

The access_token will be used to get the JWT token.

Make a call to extract the JWT token: Endpoint: https://user.auth.xboxlive.com/user/authenticate

Headers:

x-xbl-contract-version: 1

The value of RpsTicket is "d=Your_access_token"

Get the token claims

Make an endpoint call to:

Endpoint: https://xsts.auth.xboxlive.com/xsts/authorize

Headers:

x-xbl-contract-version: 1

Note: The JWT token is entered in the UserTokens array