I'm trying to authenticate in xbox live with microsoft using msal node ( i'm using this sample) and using the token I get back, the problem is that I get the error 400 (bad request) when i try to call xboxlive.
await axios
.post(
"https://user.auth.xboxlive.com/user/authenticate",
{
Properties: {
AuthMethod: "RPS",
SiteName: "user.auth.xboxlive.com",
RpsTicket: token, // the token i get from msal
},
RelyingParty: "http://auth.xboxlive.com",
TokenType: "JWT",
},
{
headers: {
"Content-Type": "application/json",
Accept: "application/json",
},
}
)
.then((x) => console.log("success", x))
.catch((e) => console.error("error", e));
It appears you need to prepend d= to the token and then pass that as the value for RpsTicket. This was based on the xbox-webapi-node npm module.
await axios.post(
"https://user.auth.xboxlive.com/user/authenticate",
{
Properties: {
AuthMethod: "RPS",
SiteName: "user.auth.xboxlive.com",
RpsTicket: "d=" + token, // the token
},
RelyingParty: "http://auth.xboxlive.com",
TokenType: "JWT",
},
{
headers: {
"Content-Type": "application/json",
Accept: "application/json",
},
}
)
.then((x) => console.log("success", x))
.catch((e) => console.error("error", e));