
Social login flow

Social login is powered by OAuth. OAuth is an open standard for authorization. OAuth provides client applications "secure delegated access" to server resources on behalf of a resource owner. It specifies a process for resource owners to authorize third-party access to their server resources without sharing their credentials. Specifically designed to work with Hypertext Transfer Protocol (HTTP), OAuth essentially allows authorization servers to issue access tokens to third-party clients, with the consent of the end-user. The client then uses the access token to access the protected resources hosted by the resource server. OAuth is commonly used to let users log into third-party websites with their Facebook, Apple, Google, or Microsoft accounts without exposing their access credentials to those websites, while keeping the login experience effortless.

Social Login Flow
  1. The user wants to access the (web) application.
  2. The App offers a social authentication option.
  3. A social authentication request is sent by clicking Login with [Social provider], and the user is redirected to the social IdP platform.
  4. The social IdP performs authentication according to the particular social provider's credentials and security settings.
  5. Upon successful authentication, the authorization endpoint generates an authorization code and redirects the user to the return_uri. The code is added as a query parameter.
  6. The App then requests ID and access tokens from the social IdP (using the code received from the user) via the token endpoint.
  7. The token endpoint returns an Access Token and an ID token.
  8. The user is granted access to the App (server resources) once the social provider has confirmed the user's identity.
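The App side of steps 3, 5 and 6, as an added example that is not part of the original page or any provider's SDK. The endpoint URLs, client id and return URI are assumed placeholders; the page's return_uri is sent as the standard OAuth `redirect_uri` parameter, and a random `state` value is bound to the user's session so that the callback carrying the code can be tied back to the login attempt that started it.

```python
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Assumed placeholder endpoints and client settings (not a real provider's).
AUTHORIZE_ENDPOINT = "https://idp.example/oauth2/authorize"
TOKEN_ENDPOINT = "https://idp.example/oauth2/token"
CLIENT_ID = "example-app"
RETURN_URI = "https://app.example/callback"   # the page's return_uri

def build_authorization_request(session):
    """Step 3: build the URL the browser is redirected to at the social IdP.
    A fresh random `state` is stored in the user's session for the callback."""
    session["oauth_state"] = secrets.token_urlsafe(32)
    params = {
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": RETURN_URI,
        "scope": "openid profile email",
        "state": session["oauth_state"],
    }
    return f"{AUTHORIZE_ENDPOINT}?{urlencode(params)}"

def handle_callback(session, callback_url):
    """Step 5: the IdP redirects back to return_uri with `code` and `state`
    as query parameters. Returns the code, or raises if the callback cannot
    be tied to the login attempt stored in this session."""
    query = parse_qs(urlparse(callback_url).query)
    if "error" in query:
        raise ValueError(f"IdP returned error: {query['error'][0]}")
    expected_state = session.pop("oauth_state", None)   # single use
    received_state = query.get("state", [""])[0]
    if expected_state is None or not secrets.compare_digest(received_state, expected_state):
        raise ValueError("state mismatch: callback not tied to this login attempt")
    if "code" not in query:
        raise ValueError("callback carries no authorization code")
    return query["code"][0]

def build_token_request(code):
    """Step 6: the request the App's backend POSTs to the token endpoint to
    exchange the code for the ID and access tokens (server to server)."""
    return {
        "url": TOKEN_ENDPOINT,
        "data": {
            "grant_type": "authorization_code",
            "code": code,
            "redirect_uri": RETURN_URI,
            "client_id": CLIENT_ID,
        },
    }
```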