question

fortuzar avatar image
fortuzar asked

LoginWithXbox error callback: Unable to decrypt token body

Hi,

We are trying to log-in to PlayFab using LoginWithXbox client API function in c++, but it does not work, since in the errorDelegate, the error report says "Unable to decrypt token body".

This bug occurs testing a build for the Xbox One console, and the token contains 2197 character, whose pattern is something like: " XBL3.0 x=; "

The code looks like this:

Models::FLoginWithXboxRequest Request; Request.XboxToken = AuthToken; // (which comes from the OnlineSubsystemGDK) Request.CreateAccount = true;

auto OnSuccess = ; auto OnError = ;

ClientAPI->LoginWithXbox(Request, OnSuccess, OnError);

apissdks
3 comments
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

fortuzar avatar image fortuzar commented ·

I don't know why the token message was cut but the pattern of the token has this format: XBL3.0 x=;

0 Likes 0 ·
fortuzar avatar image fortuzar fortuzar commented ·

Still don't know why the text was again cut, but-> token = XBL3.0; x=[a 20 length string];

0 Likes 0 ·
fortuzar avatar image fortuzar fortuzar commented ·

token = XBL3.0; x=[a 20 length string];(token-like string)

0 Likes 0 ·

2 Answers

·
Xiao Zha avatar image
Xiao Zha answered

Due to non-disclosure agreement(NDA), any question related to Xbox cannot be discussed in the public forum. You may submit a support ticket to contact us, so we can help you solve the issue. In addition, you should request an XboxToken from GetTokenAndSignatureAsync method using the endpoint https://playfabapi.com as described in API doc Login With Xbox .

10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

fortuzar avatar image
fortuzar answered

Hi Xiao Zha,

Thank you for your answer.

As hinted, the problem was the endpoint.

So, we were getting the token via a custom endpoint that we created in the Microsoft Partner Center, but the problem with that token was that PlayFab was not able to decrypt it, because only EOS authentication backend holds the secret undisclosed Private Key that matched specifically the Public Key Certificate. (Info from EOS_SDK_for_Microsoft_Xbox_Series_X documentation)

Instead, we changed the endpoint to "https://playfabapi.com", which PlayFab could decipher.

Cheers, Felipe

10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.