X

Best Practices from Oracle Development's A‑Team

Implement Social Login with Oracle Identity Cloud Service

Kiran Thakkar
Consulting Solutions Architect

Overview

Social login is an important use case for B2C applications be it marketing or eCommerce. It is a form of sign-in/login where a user uses social network services like Facebook, Twitter or Google to login to the service/application. Social login services like Facebook act as Identity Provider and the service that the user wanted to access acts as Service Provider or Relying party. If user does not have an account on the service, then depending on service provider's implementation, it can either ask user to finish registration and create an account or just gather user's salutation information and use it to personalize user experience. If the user is already registered, then it can map the user to an existing user based on email address.

Oracle Identity Cloud Service (IDCS) supports social login with version 17.2.6. It supports 5 social login providers (Facebook, Google, LinkedIn, Microsoft and Twitter) as of 17.2.6 version. Once the user has logged in, IDCS finds the user with the same email address. If the user is not found then it asks user to complete registration. Every provider is pre-configured from IDCS's perspective. It just needs clientID and client secret for an application created on service provider to facilitate social login. In this blog, we will take a look at the steps to configure facebook social login in IDCS.

Steps to configure social login

Create an application on Facebook

  1. 1. First step is to create an application in facebook to facilitate social login.

FacebookCreateApp

  1. 2. Once an application is created, select Social login product and configure it.

FacebookSelectProduct

  1. 3. Enable OAuth login flow and enter IDCS callback URL as OAuth redirect URL. The URL is https://IDCS_INSTANCE.identity.oraclecloud.com/oauth2/v1/social/callback

SocialLoginConfiguration

  1. 4. Copy client ID and client secret of the application. We will use that while configuring social login in IDCS.

ClientCreds

  1. IDCS configuration

  2. 1. Login to IDCS with a user who has either Security administrator or Identity domain administrator privilege.
  3. 2. From the Settings tab, open Identity Providers configuration.
  4. 3. Click on Add Social IDP to add new social provider.

IDCSCreateSocialIDP

  1. 4. Enter Name and description of the provider and click Next button.

IDCSFacebookIDP

  1. 5. Enter client ID and client secret that you captured in the last step of creating an application in facebook.

FacebookIDPConfiguration

  1. 6. Activate the provider.
  2. 7. Now enable "Show on the login page" option to provide an option to login with Facebook credentials. Assuming that federation is activated for the instance, user will get an option to login with facebook credentials.

EnableFacebookProvider

  1. Test social login

  2. 1. Once facebook social login is added and activated, try to login to an application or IDCS portal (https://IDCS_INSTANCE.identity.oraclecloud.com/ui/v1/myconsole).
  3. 2. On the login page, select facebook social provider to login with.
  4. 3. Once user is logged in through facebook, if user already has an account in IDCS, user will be logged in. If user does not have an account, then user gets an option to register and create an account in IDCS.

RegisterAccount

  1. 4. Enter additional details on the registration page and click on Register to button to finish registration process.

FinishUserRegistration

  1. 5. Once user account is created, user is sent activation email address and user gets an access to the application.

The process of adding any other supported social provider is same. You have to create an application on social login provider and capture client ID and secret. Add an additional provider from IDCS and enter respective client ID and secret.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.Captcha