This method instructs the Gigya service to authenticate the user using an external provider, such as Facebook or Yahoo.
The Gigya service opens a popup window with the login screen of the requested provider. In some cases, such as Facebook and Yahoo, users are also asked to give the site permission to access their personal data. When the login process completes, the popup window closes automatically, the method callback function is called and the global onLogin event is fired.
The following providers currently support this operation: apple,
The Gigya service supports a mechanism to verify the authenticity of the login process. To prevent fraud Gigya "signs" the login process with a cryptographic signature. Your site receives the cryptographic signature provided by Gigya in the login method's callback function as part of the response object (please refer to the Response object Data Members table below).
We highly recommend verifying the authenticity of the signature to prove that it has indeed originated from Gigya rather than somewhere else.
To learn more about this subject, please refer to Security.
The following table lists the available parameters:
|||provider||string||The provider that is used for authenticating the user. The following values are currently supported for use with this parameter: apple, amazon, aol, blogger, facebook, foursquare, googleplus, kakao, line, linkedin, livedoor, messenger, mixi, naver, netlog, odnoklassniki, orangefrance, paypaloauth, qq, renren, sina, spiceworks, twitter, vkontakte, wechat, wordpress, xing, yahoo, yahoojapan (Note: messenger has been replaced by microsoft, however, for backward compatibility, either can be used).|
SAML providers are also supported - use the format "saml-YourDefinedProviderName".
|||actionAttributes||JSON object||In Gamification, your users receive points for actions they perform on your site. In this case, logging in grants the user points. Action Attributes may be used to annotate actions with additional information, such as the section of the web site that generated the action. If you set actionAttributes, the log in action receives an attribute, for example "tv-show":"glee". |
actionAttributes contain a JSON object comprised of a series of attribute keys (categories) with associated values. You can also use a generic "tags" key.
No more than three values can be given, they can be with a single key or each have their own key.
For more information see Variants and Action Attributes. Action attributes are later used to filter GM Plugins by a certain attribute.
This parameter is intended only for developers who wish to implement the "Web Server Flow" of the OAuth 2.0 standard. If you set this parameter to 'true', you will not receive the user data in the response. Instead you will receive an authCode .
The authCode contains a code that is intended to be used for invoking the OAuth 2.0 getToken end-point along with the grant_type parameter set to authorization_code.
|||authFlow||string||Using this parameter you may specify that the login flow will use page redirects instead of using a popup. This gives a solution for environments where popups are unavailable (e.g., mobile web view controls). This parameter accepts two values:|
A reference to a callback function. Gigya calls the specified function along with the results of the API method when the API method completes.
The callback function should be defined with the following signature: functionName(Response).
The "Response Object Data Members" table below provides specification of the data that is passed to the callback function.
A string of maximum 100 characters length. The CID sets categories for transactions that can be used later for filtering reports generated by Gigya in the "Context ID" combo box. The CID allows you to associate the report information with your own internal data. For example, to identify a specific widget or page on your site/application. You should not define more than 100 different context IDs.
A developer-created object that is passed back unchanged to the application as one of the fields in the response object.
This parameter accepts a comma-separated list of additional data fields to retrieve. The current valid values are: languages, address, phones, education, honors, publications, patents, certifications, professionalHeadline, bio, industry, specialties, work, skills, religion, politicalView, interestedIn, relationshipStatus, hometown, favorites, likes, followersCount, followingCount, name, username, educationLevel, locale, verified, irank, timezone, and samlData.
Note: Before your application can retrieve Facebook data, the user must grant your application with access. Please make sure you have checked the check boxes that enable retrieving the relevant fields from Facebook in the Permissions page on Gigya's website. You may find more information in the Facebook Permissions section of our guide.
|||facebookExtraPermissions||string||A comma-delimited list of Facebook extended permissions to request from the user. This parameter gives the possibility to request extended permissions in addition to the permissions that Gigya is already requesting. Refer to Facebook's extended permissions page for the complete list of permissions.|
For example, if you wish to RSVP to events on the user's behalf and to to send text messages to the user define: facebookExtraPermissions : "rsvp_event,sms "
|||forceAuthentication||Boolean||The default value of this parameter is 'false'. If it is set to 'true', the user is forced to provide their social network credentials during login - even if the user is already connected to the social network. This parameter is currently supported by Facebook, Twitter, and Renren. Note that the behavior of the various social networks may be slightly different: Facebook expects the current user to enter their password, and will not accept a different user name. Other networks prompt the user to re-authorize the application or allow a different user to log in.|
|||googleExtraPermissions||string||This parameter gives the possibility to request extended permissions in addition to the permissions that Gigya is already requesting. The supported values are: "wallet" - for Google wallet permissions.|
|||googlePlayAppID||string||The objective of this parameter is to support Over The Air app installs for Android devices during Google+ login. Set this parameter with the package name of your Android app (for example: "com.yourdomain.app"). As a result, after signing in with Google+, users have the option to send your Android app to their device instantly, without leaving your website. As a preliminary step you'll need to Utilize Google+ Native Android Sign-on on your Android app. The package name passed to this parameter is the same one you enter when enabling the Google+ API.|
A comma-separated list of fields to include in the response. The possible values are: identities-active, identities-all, loginIDs, emails, profile, data, and
id_token. The default is profile so if this parameter is not used, the response will return the Profile object.
|||includeAllIdentities||Boolean||The default value of this parameter is 'false'. If set to 'true', you will receive all the user's identities, including those with expired sessions. Each entry will have an attribute that will be 'true' when the session has expired for that provider (or is otherwise inactive) and 'false' if it is active.|
|||loginMode||string||The type of login being performed:|
|||pendingRegistration||Boolean||The default value of this parameter is 'true'. The default behavior - when a new user logs-in (registers) his new Gigya account is not considered final until socialize.notifyRegistration is called. While being not-final the identities associated with this account can be connected to another account without causing an error.|
If this parameter is set to 'false' - when a new user logs-in (registers), his new Gigya account is final immediately.
Note: the value of this parameter overrides the value of the newUsersPendingRegistration parameter in the global configuration object.
|||redirectMethod||string||This parameter is only applicable when redirectURL is specified and it determines how the user info data is passed to the redirectURLs. This parameter accepts two values: |
A URL to which to redirect the user when the login process has successfully completed. You must provide an absolute URL - relative URLs are not supported.
The following additional parameters are appended to the URL string: UID, UIDSig, timestamp, loginProvider, loginProviderUID, nickname, photoURL, thumbnailURL, firstName, lastName, gender, birthDay, birthMonth, birthYear, email, country, state, city, zip, profileURL, provider.
When redirectURL is explicitly defined by the partner the user object fields should always be sent with the redirect regardless of the authFlow mode.
This parameter is required if using authFlow: 'redirect' (above).
|||regSource||string||A string representing the source of the registration. This would typically be the URL where it took place.|
|||sessionExpiration||integer||This parameter defines the time in seconds that Gigya should keep the login session valid for the user. To end the session when the browser closes, please assign the value '0'. If this parameter is not specified, the session is valid forever.|
Response Object Data Members
|user||User object||A User object that includes updated information for the current user.|
|UIDSignature||string||The signature that should be used for login verification as described under Validate the UID Signature in the Social Login Process.|
|signatureTimestamp||string||The GMT time of the response in UNIX time format (i.e. the number of seconds since Jan. 1st 1970). The timestamp should be used for login verification as described under Validate the UID Signature in the Social Login Process.|
|UID||string||The User ID that should be used for login verification as described under Validate the UID Signature in the Social Login Process.|
|isNewUser||Boolean||Indicates whether the user logging in is new. The parameter is returned only when it is set to "true", or when the user is missing the 'connectionIdentity' field in the DB.|
When 'RaaS' is enabled, If 'newUser == TRUE' and no required fields are missing, a 'SocialLeadToAccountNewUser' event is called and a new user is created.
If account is pending verification, a 'SocializeLeadToAccountsPendingVerification' event is fired instead.
|signature||string||Deprecated . Please use the UIDSignature parameter instead.|
|timestamp||string|| Deprecated . Please use the signatureTimestampparameter instead.|
This parameter holds the GMT time of the response in "yyyy-mm-dd HH:mm:ss" format where HH is in 24 hour time format.
Triggered Global Event
By using this method the onLogin global event may be triggered (the onLogin global event is fired when a user successfully logs in to Gigya). To register an event handler use the socialize.addEventHandlers API method. Refer to the onLogin event data. Refer to Events to learn more about how to handle events generated by the Gigya service.
When using LINE as a login provider via socialize.login on a mobile device, only authflow 'redirect' is supported, e.g.,