Integrating Social Login
The Backend Services Android SDK provides these methods for registering and authenticating users coming from social authentication providers such as Facebook, Google, and Microsoft Account:
Prerequisites
- Ensure that you have enabled the provider that you want to use.
- Obtain an OAuth token for the user. Refer to the social authentication provider's official documentation for more information:
- Microsoft Account (previously known as Windows Live ID)
Registration/Login
You register or log in a social user by invoking the respective member of the loginWith<Provider>()
method family that belongs to the AuthenticationHandler
class (see the table). The first invocation of the method for a user creates a new user account. Subsequent invocations log in the user to Telerik Platform. See Social Authentication for more information.
Method Name | Use for Provider |
---|---|
loginWithFacebook() | |
loginWithGoogle() | |
loginWithLiveId() | Microsoft Account |
All methods take as argument the OAuth token that you obtained from the social authentication provider. For example:
public void loginUser(EverliveApp app, String accessToken) {
app.workWith().authentication().loginWithFacebook(accessToken).executeAsync();
}
On success, the method returns an object containing a Telerik Platform access token (not to be mistaken with the OAuth token) that can be used with further Backend Services Android SDK operations. In that, the loginWith<Provider>()
method behaves similarly to the login()
method.
Developers who have been using the Google Access Token (
access_token
) parameter to authenticate users are strongly advised to migrate to using the Google ID Token (id_token
) parameter instead. Doing so significantly boosts your app security because Telerik Platform can verify theaud
claim contained in the token. Note that you also need to enter a Client Id when enabling Google Login, otherwise Telerik Platform skips this verification.
Linking with an OAuth Provider
You link a social user to an existing Telerik Platform user account using a member of the link<Provider>Account()
method family that belongs to the UsersHandler
class. The next table lists all available methods:
Method Name | Use for Provider |
---|---|
linkFacebookAccount() | |
linkGoogleAccount() | |
linkLiveIdAccount() | Microsoft Account |
The methods take as argument the userId
of the Telerik Platform user account that you want to link to, and the acquired OAuth token. For example:
public void linkUser(EverliveApp app, UUID userId, String accessToken) {
app.workWith().users().linkFacebookAccount(userId, accessToken).executeAsync();
}
Developers who have been using the Google Access Token (
access_token
) parameter to authenticate users are strongly advised to migrate to using the Google ID Token (id_token
) parameter instead. Doing so significantly boosts your app security because Telerik Platform can verify theaud
claim contained in the token. Note that you also need to enter a Client Id when enabling Google Login, otherwise Telerik Platform skips this verification.
To use these methods, you need to first log the user in or use MasterKey authentication.
If a Telerik Platform user account is already linked to a user from the specified social provider, the method returns an error. To link it to a new social user, first unlink it from the previous one and then reinvoke link<Provider>Account()
with the new OAuth token.
Unlinking from an OAuth Provider
You unlink a social user from an existing Telerik Platform user account using a member of the unlink<Provider>Account()
method family that belongs to the UsersHandler
class. The next table lists all available methods:
Method Name | Use for Provider |
---|---|
unlinkFacebookAccount() | |
unlinkGoogleAccount() | |
unlinkLiveIdAccount() | Microsoft Account |
The methods take as argument the userId
of the Telerik Platform user account that you want to unlink. For example:
public void unlinkUser(EverliveApp app, UUID userId) {
app.workWith().users().unlinkFacebookAccount(userId).executeAsync();
}
If the user is not linked, you receive an error.