After a successful SSO redirection, Xoxoday will call the client’s Point Balance API to fetch the end user’s available points.
⚠️ Important:
- This API must be implemented and hosted by the client.
- Xoxoday will consume this API to get the balance whenever required.
- The request/response format below is provided only as a sample to illustrate the structure that Xoxoday expects.
- Please ensure that your response is always in JSON format only, as our system does not support any other data types.
Sample Request and Response
Headers
Content-Type: application/json
Sample Request
{
"unique_id":"DB123",
"auth_token":"asdgfjhbsdlkjbasdlkjbadslkbdakasdhfjhfdb=="
}
Sample Request Schema
| Parameter | Type | Description |
|---|---|---|
unique_id | String | Unique identifier of a user (sent by Xoxoday in the SSO redirection request). |
auth_token | String | Authorization value provided by the client during SSO redirection. Used by Xoxoday for API calls. |
Sample Response
{
"status": 1,
"data": {
"unique_id": "DB123",
"points": "400"
}
}
Sample Response Schema
| Parameters | Description |
|---|---|
| status | 1 = success / 0 = failure |
| unique_id | Unique identifier of a user |
| points | Current points of a user |
Implementation Notes
- Xoxoday will only consume this API — the client must build and expose it.
- The
auth_tokenmust be provided by you undertpdobject when SSO Redirection API is called . - Make sure the API response includes accurate response status.