This is very similar to the AuthCredential used by the group server, but using CallLinkParams to encrypt the user ID rather than GroupParams (and using GenericServerParams to issue the credential rather than the group server's ServerParams).
