Complete social login and registration
The first step to complete a social login or registration is to authenticate with the IDP. This can be done in one of two ways:
- Via the social login widget
- Via a link to the social login application (no widget)
IDP authentication (widget)
Add the social login widget to your login page.
Once the social login widget is properly implemented, the user clicks one of the rendered buttons to authenticate with the IDP.
IDP authentication (no widget)
For more flexibility, you can create your own social login buttons that link to your social login application. There should be a different link for each social provider. The following is an example using Facebook.
<a href="https://my-app.rpxnow.com/facebook/start?language_preference=en&token_url=https://my-token-url">Sign in with Facebook</a>
Social login
Once you have the social login token, the next step is to attempt to authenticate the user via the oauth/auth_native call. You’ll pass the social login token into the call in the token parameter.
$api_call = '/oauth/auth_native';
$params = array(
    'client_id' => JANRAIN_LOGIN_CLIENT_ID,
    'flow' => JANRAIN_FLOW_NAME,
    'flow_version' => JANRAIN_FLOW_VERSION,
    'locale' => 'en-US',
    'redirect_uri' => 'https://localhost',
    'registration_form' => 'socialRegistrationForm',
    'response_type' => 'code',
    // social login token obtained from previous step
    'token' => $_POST['token']
);
// POST the form-encoded parameters and decode the JSON response
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, JANRAIN_CAPTURE_URL . $api_call);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($params));
$api_response = json_decode(curl_exec($curl));
curl_close($curl);
Response | Outcome / Next Step |
---|---|
Success (ok) | New authorization code is returned. Next step: Exchange an authorization code for an access token and refresh token. |
User not found (310, record_not_found) | Continue with Social Registration. |
User already exists with that email address (380, email_address_in_use) | Continue with Merge accounts. |
Invalid social login token (invalid_argument) | Provide a resolution path for this error. |
Social registration
If the previous oauth/auth_native call returns a 310 error (record_not_found), initiate social registration using the oauth/register_native operation. You’ll pass the social login token into the call in the token parameter.
$api_call = '/oauth/register_native';
$params = array(
    'client_id' => JANRAIN_LOGIN_CLIENT_ID,
    'flow' => JANRAIN_FLOW_NAME,
    'flow_version' => JANRAIN_FLOW_VERSION,
    'locale' => 'en-US',
    'response_type' => 'code',
    'redirect_uri' => 'https://localhost',
    'form' => 'socialRegistrationForm',
    // required fields from socialRegistrationForm
    'firstName' => $_POST['firstName'],
    'lastName' => $_POST['lastName'],
    'displayName' => $_POST['displayName'],
    'emailAddress' => $_POST['email'],
    // social login token obtained from previous steps
    'token' => $_POST['token']
);
// POST the form-encoded parameters and decode the JSON response
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, JANRAIN_CAPTURE_URL . $api_call);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($params));
$api_response = json_decode(curl_exec($curl));
curl_close($curl);
Response | Outcome / Next Step |
---|---|
Success (ok) | User record is created and new authorization code is returned. Next step: Exchange an authorization code for an access token and refresh token. |
Email address is already being used | Provide a resolution path for this error. Note: This error can occur when the user has an existing record and attempts to log in with a different social provider that does NOT return a verified email address. |
Invalid social login token (invalid_argument) | Provide a resolution path for this error. |
Thin social registration
Thin registration is a configuration option that determines the behavior of the oauth/auth_native call when a new user authenticates. If the thin_registration parameter is set to true, a new record is created immediately (the registration form can be bypassed). If it is set to false or omitted from the call, you will need to complete social registration using the oauth/register_native call demonstrated above.
$api_call = '/oauth/auth_native';
$params = array(
    'client_id' => JANRAIN_LOGIN_CLIENT_ID,
    'flow' => JANRAIN_FLOW_NAME,
    'flow_version' => JANRAIN_FLOW_VERSION,
    'locale' => 'en-US',
    'redirect_uri' => 'https://localhost',
    'response_type' => 'code',
    // enable thin social registration
    'thin_registration' => 'true',
    // social login token obtained from previous step
    'token' => $_POST['token']
);
// POST the form-encoded parameters and decode the JSON response
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, JANRAIN_CAPTURE_URL . $api_call);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($params));
$api_response = json_decode(curl_exec($curl));
curl_close($curl);
Response | Outcome / Next Step |
---|---|
Success (ok) | User record is created and new authorization code is returned. Next step: Exchange an authorization code for an access token and refresh token. |
User already exists with that email address (380, email_address_in_use) | Continue with Merge accounts. |
Invalid social login token (invalid_argument) | Provide a resolution path for this error. |
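
The oauth/auth_native outcome tables under Social login and Thin social registration can be handled by one dispatch routine that also covers a failed request or a non-JSON body. The following is an added example, not code from the original documentation; it assumes the response is a JSON object with stat, code, error and authorization_code fields, and the function name and the step names it returns are hypothetical.

```php
<?php
// Added example, not part of the original documentation. Assumed response
// fields: stat, code, error, authorization_code. Step names are hypothetical.
function next_step_for_auth_native($raw_body): array
{
    // curl_exec() returns false on transport failure, so check before decoding.
    if (!is_string($raw_body) || $raw_body === '') {
        return ['step' => 'retry', 'detail' => 'no response body'];
    }
    $resp = json_decode($raw_body, true);
    if (!is_array($resp) || !isset($resp['stat'])) {
        return ['step' => 'retry', 'detail' => 'not the expected JSON object'];
    }
    if ($resp['stat'] === 'ok') {
        // Treat success as usable only if an authorization code is present.
        $code = $resp['authorization_code'] ?? null;
        return (is_string($code) && $code !== '')
            ? ['step' => 'exchange_code', 'authorization_code' => $code]
            : ['step' => 'retry', 'detail' => 'ok without authorization_code'];
    }
    $error = is_string($resp['error'] ?? null) ? $resp['error'] : 'unknown';
    switch ($error) {
        case 'record_not_found':      // 310: no user record yet
            return ['step' => 'social_registration'];
        case 'email_address_in_use':  // 380: existing record with that email
            return ['step' => 'merge_accounts'];
        case 'invalid_argument':      // invalid social login token
            return ['step' => 'restart_idp_login'];
        default:                      // anything else: fail closed
            return ['step' => 'show_error', 'detail' => $error];
    }
}

// Constructed sample bodies (not captured from a real application).
$samples = [
    '{"stat":"ok","authorization_code":"EXAMPLE-CODE"}',
    '{"stat":"error","code":310,"error":"record_not_found"}',
    '{"stat":"error","code":380,"error":"email_address_in_use"}',
    '{"stat":"error","error":"invalid_argument"}',
    '<html>502 Bad Gateway</html>',
    false, // what curl_exec() returns when the request itself fails
];
foreach ($samples as $body) {
    echo json_encode(next_step_for_auth_native($body)), PHP_EOL;
}
```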