Social Login and Registration

The first step to complete a social login or registration is to authenticate with the IDP. This can be done in one of two ways:

  • Via the social login widget
  • Via link to the social login application (no widget)

IDP Authentication (Widget)

Add the social login widget to your login page. See Implementing Social Login for full implementation instructions, including how to get the code to add the widget to your page.

Once the social login widget is properly implemented, the user can simply click one of the rendered buttons in order to authenticate with the IDP.

IDP Authentication (No Widget)

For more flexibility, you can create your own social login buttons that link to your social login application. There should be a different link for each social provider. The following is an example using Google+.

<a href="https://my-app.rpxnow.com/googleplus/start?language_preference=en&token_url=https://my-token-url">Sign in with Google+</a>

Social Login

Once you have the social login token, the next step is to attempt to authenticate the user via the oauth/auth_native call. You’ll pass the social login token into the call in the token parameter.


$api_call= '/oauth/auth_native';
$params= array(
    'client_id'=> JANRAIN_LOGIN_CLIENT_ID,
    'flow'=> JANRAIN_FLOW_NAME,
    'flow_version'=> JANRAIN_FLOW_VERSION,
    'locale'=> 'en-US',
    'redirect_uri'=> 'https://localhost',
    'registration_form'=> 'socialRegistrationForm',
    'response_type'=> 'code',
    // social login token obtained from previous step
    'token'=> $_POST['token']
);
$curl= curl_init();
curl_setopt($curl,CURLOPT_URL,JANRAIN_CAPTURE_URL.$api_call);
curl_setopt($curl,CURLOPT_POST,true);
curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl,CURLOPT_POSTFIELDS,http_build_query($params));
$api_response= json_decode(curl_exec($curl));
curl_close($curl);

Response

Outcome / Next Step

Success (ok)

New authorization code is returned. Next step: Exchange Authorization Code for an access token and refresh token

User not found (310, record_not_found)

Continue with Social Registration

User already exists with that email address (380, email_address_in_use)

Continue with Account Merge

Invalid social login token (invalid_argument)

Provide a resolution path for this error

Social Registration

If the previous oauth/auth_native call returns a 310 error (record_not_found), initiate social registration using the oauth/register_native endpoint. You’ll pass the social login token into the call in the token parameter.


$api_call= '/oauth/register_native';
$params= array(
    'client_id'=> JANRAIN_LOGIN_CLIENT_ID,
    'flow'=> JANRAIN_FLOW_NAME,
    'flow_version'=> JANRAIN_FLOW_VERSION,
    'locale'=> 'en-US',
    'response_type'=> 'code',
    'redirect_uri'=> 'https://localhost',
    'form'=> 'socialRegistrationForm',
    // required fields from socialRegistrationForm
    'firstName'=> $_POST['firstName'],
    'lastName'=> $_POST['lastName'],
    'displayName'=> $_POST['displayName'],
    'emailAddress'=> $_POST['email'],
    // social login token obtained from previous steps
    'token'=> $_POST['token']
);
$curl= curl_init();
curl_setopt($curl,CURLOPT_URL,JANRAIN_CAPTURE_URL.$api_call);
curl_setopt($curl,CURLOPT_POST,true);
curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl,CURLOPT_POSTFIELDS,http_build_query($params));
$api_response= json_decode(curl_exec($curl));
curl_close($curl);

Response

Outcome / Next Step

Success (ok)

User record is created and new authorization code is returned. Next step: Exchange Authorization Code for an access token and refresh token

Email address is already being used

Provide a resolution path for this error

Note: This error can occur when the user has an existing record and attempts to login with a different social provider that does NOT return a verified email address

Invalid social login token (invalid_argument)

Provide a resolution path for this error

Thin Social Registration

Thin registration is a configuration option that determines the behavior of the oauth/auth_native call when a new user authenticates. If the parameter is set to true, a new record will be created immediately (the registration form can be bypassed). If set to false or omitted from the call, you will need to complete social registration using the oauth/register_native call demonstrated above.


$api_call= '/oauth/auth_native';
$params= array(
    'client_id'=> JANRAIN_LOGIN_CLIENT_ID,
    'flow'=> JANRAIN_FLOW_NAME,
    'flow_version'=> JANRAIN_FLOW_VERSION,
    'locale'=> 'en-US',
    'redirect_uri'=> 'https://localhost',
    'response_type'=> 'code',
    // enable thin social registration
    'thin_registration'=> 'true',
    // social login token obtained from previous step
    'token'=> $_POST['token']
);
$curl= curl_init();
curl_setopt($curl,CURLOPT_URL,JANRAIN_CAPTURE_URL.$api_call);
curl_setopt($curl,CURLOPT_POST,true);
curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);
curl_setopt($curl,CURLOPT_POSTFIELDS,http_build_query($params));
$api_response= json_decode(curl_exec($curl));
curl_close($curl);

Response

Outcome / Next Step

Success (ok)

User record is created and new authorization code is returned. Next step: Exchange Authorization Code for an access token and refresh token

User already exists with that email address (380, email_address_in_use)

Continue with Account Merge

Invalid social login token (invalid_argument)

Provide a resolution path for this error