Overview
LoginRadius Social Login APIs allow users to authenticate using their existing accounts on third-party platforms such as Google, Facebook, LinkedIn, Apple, and many others. This helps streamline the login process and reduces friction for new registrations by eliminating the need to create and remember another password.
To use the Social Login APIs, you need to have your LoginRadius API Key and the relevant social provider configuration completed in your Admin Console. The API Key is required to authorize API calls and link user identities to your application.
How to Retrieve Your API Key:
-
Log in to the LoginRadius Console.
-
Go to Tenant Settings.
-
Find your API Key under the API Configuration section.
-
Use this key in all Social Login-related API requests.
Key Features and Use Cases
-
Frictionless Sign-In: Let users sign in with platforms they already trust—Google, Facebook, etc.
-
Simplified Registration: Automatically create user profiles by retrieving data from the social provider.
-
Unified Identity: Link multiple social accounts to a single user profile for seamless access across platforms.
-
Custom Provider Support: Integrate with any OAuth-based provider beyond the built-in list.
-
Profile Data Mapping: Access standard and extended profile data returned by each provider.
-
Mobile and Web Support: Available for both native mobile SDKs and web-based flows.
Common API Endpoints
Below are the key API endpoints used for implementing social login.
- Authentication Endpoint
- Linking Accounts
- Access and Management
| Action | Endpoint Description |
|---|---|
| Access Token via Facebook Token | Exchange a Facebook access token for a LoginRadius access token valid for a limited time. |
| Access Token via Google AuthCode | Exchange a Google AuthCode for a LoginRadius access token with an expiration time. |
| Access Token By Facebook JWT Access Token | Use a Facebook JWT access token to retrieve a LoginRadius access token. |
| Access Token via LinkedIn Token | Exchange a LinkedIn access token for a LoginRadius access token valid for a specific duration. |
| Action | Endpoint Description |
|---|---|
| Link Social Profile | Add another social account to the logged-in user’s profile. |
| Unlink Social Profile | Remove a previously linked social provider from the user’s account. |
| Action | Endpoint Description |
|---|---|
| Get Profiles by UID | Retrieve all linked social profiles for a user. |
| Get Profiles by Access Token | Get current session’s social identity details. |
Best Practices
-
Configure all desired social providers in the Admin Console before implementing the APIs.
-
Always validate and sanitize the data returned from social providers before storing or displaying it.
-
Use access tokens securely—avoid exposing them in front-end code.
-
Consider linking email-based and social accounts to avoid duplication and improve account continuity.
-
Review rate limits and token expiration times for each provider’s access token.