Social login
You can add social login to your Identity Suite single-factor (SFA) signup and login flow. Social login allows your users to sign up and log in using their existing accounts from social identity providers. Social login is a frictionless alternative method to access your applications and services without having to register a new account and create additional password credentials. It supports out-of-the-box integrations with all prevalent social identity providers.
In nevisAdmin4 Resources > Project templates you have the following options to add social identity providers:
Social login with Identity Suite
Social login is a federated login using social identity providers to verify the user's identity. The OAuth 2.0 and OIDC protocols are used to facilitate authentication and authorization. The process includes the following steps:
- The user clicks on a social login button on the login page.
- Identity Suite forwards a request to the social identity provider to authenticate the user. The user logs in to the social identity provider.
- Once the social identity provider confirmed the user’s identity, Identity Suite automatically links the social account to the user, so it could be associated with the same Identity Suite user account. The linking is based on the user's email address.
- Identity Suite provides access to your application.
- Step 2. does not involve any user interaction if the user is already logged in to the social identity provider.
- Step 3. usually is only required the first time a user logs in with social login. Afterward, the social login takes only a single click for the user.
Automatic account linking
Identity Suite supports the automatic linking of social accounts from various social identity providers. This allows users to log in with any of their social accounts and be associated with the same Identity Suite user account. The linking is based on the user's email address.
Upon the first login with a social identity provider, the user's email of the social account is verified. Email verification is required to prevent security attacks such as account takeovers.
After successful email verification, we create a user in Identity Suite, if one does not exist yet. The user is created with the same email address used in the social login account. Upon user creation, we also set the first and last name of the user if provided by the identity provider.
Finally, the social account is linked to the Identity Suite user.
- User information modifications in the social accounts are not automatically synchronized to the user account in Identity Suite. The user data is only set up on the first user creation in Identity Suite.
- Users can use Password and any Social login as authentication methods interchangeably, independent of the initially used method during signup.
The project templates
The Nevis project templates Apple/Google/Facebook/Microsoft login on one hand support basic username / password login and alternatively social login next to it.
| Apple Login | Facebook Login | Google Login | Microsoft Login |
|---|---|---|---|
 |  |  |  |
Make sure you PROPERLY configure your social platform & deploy your nevisAdmin4 project with the proper social platform attributes (client id & client secret) set!
Scenario for testing a successful deployment
Launch the example static web page attached to the template at
https://your_domain_goes_here/web/web.html- replace “your_domain_goes_here” with your real domain name!Either you Login using your existing credentials (username/password) OR Login with Apple/Google/Facebook/Microsoft.
- In case of successful authentication (regardless the way you choose) the static web page appears as follows:
Now it is time to replace the exposed example application by your own service and enjoy the Nevis security experience!