Social

Google#

To authenticate a user through Google Sign-In, you can call the googleSignIn mutation:

note

The googleSignIn mutation both authenticates and registers users. It will throw a Cannot find matching user error if registration is disabled, and no user with that email exists.

note

If you have Permission Type set to Multiple Schemas in your plugin settings, you will have a googleSignIn mutation for each user group (e.g. googleSignInUser and googleSignInBusiness).

mutation {
googleSignIn(idToken: "...") {
jwt
jwtExpiresAt
refreshToken
refreshTokenExpiresAt
user {
id
fullName
}
}
}
// returns
{
"data": {
"googleSignIn": {
"jwt": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJDcmFmdENNUyIsImlhdCI6MTYwNzIyMjg5MywiZXhwIjoxNjA3MjI0NjkzLCJzdWIiOi...",
"jwtExpiresAt": 1607224693,
"refreshToken": "eu5l-FkvTaWEzIt38QFR8ETx5PIS706P",
"refreshTokenExpiresAt": 1614998893,
"user": {
"id": "21",
"fullName": "James Edmonston"
}
}
}
}

Facebook#

To authenticate a user through Facebook Login, you first need to call the facebookOauthUrl query:

query {
facebookOauthUrl
}
// returns
{
"data": {
"facebookOauthUrl": "https://www.facebook.com/login.php?..."
}
}

Next, send the user to the generated URL and they will be asked to authenticate through Facebook. Once they have authenticated, they will be redirected to your Redirect URL with a code query parameter (e.g. https://yoursite.com/facebook?code=...).

Finally, once you've grabbed the code from the URL, you can call the facebookSignIn mutation:

note

The facebookSignIn mutation both authenticates and registers users. It will throw a Cannot find matching user error if registration is disabled, and no user with that email exists.

note

If you have Permission Type set to Multiple Schemas in your plugin settings, you will have a facebookSignIn mutation for each user group (e.g. facebookSignInUser and facebookSignInBusiness).

mutation {
facebookSignIn(code: "...") {
jwt
jwtExpiresAt
refreshToken
refreshTokenExpiresAt
user {
id
fullName
}
}
}
// returns
{
"data": {
"facebookSignIn": {
"jwt": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJDcmFmdENNUyIsImlhdCI6MTYwNzIyMjg5MywiZXhwIjoxNjA3MjI0NjkzLCJzdWIiOi...",
"jwtExpiresAt": 1607224693,
"refreshToken": "eu5l-FkvTaWEzIt38QFR8ETx5PIS706P",
"refreshTokenExpiresAt": 1614998893,
"user": {
"id": "21",
"fullName": "James Edmonston"
}
}
}
}

Twitter#

To authenticate a user through Log in with Twitter, you first need to call the twitterOauthUrl query:

query {
twitterOauthUrl
}
// returns
{
"data": {
"twitterOauthUrl": "https://api.twitter.com/oauth/authorize?oauth_token=..."
}
}

Next, send the user to the generated URL and they will be asked to authenticate through Twitter. Once they have authenticated, they will be redirected to your Redirect URL with oauthToken and oauthVerifier query parameters (e.g. https://yoursite.com/twitter?oauthToken=...&oauthVerifier=...).

Finally, once you've grabbed oauthToken and oauthVerifier from the URL, you can call the twitterSignIn mutation:

note

The twitterSignIn mutation both authenticates and registers users. It will throw a Cannot find matching user error if registration is disabled, and no user with that email exists.

note

If you have Permission Type set to Multiple Schemas in your plugin settings, you will have a twitterSignIn mutation for each user group (e.g. twitterSignInUser and twitterSignInBusiness).

mutation {
twitterSignIn(
oauthToken: "..."
oauthVerifier: "..."
) {
jwt
jwtExpiresAt
refreshToken
refreshTokenExpiresAt
user {
id
fullName
}
}
}
// returns
{
"data": {
"twitterSignIn": {
"jwt": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJDcmFmdENNUyIsImlhdCI6MTYwNzIyMjg5MywiZXhwIjoxNjA3MjI0NjkzLCJzdWIiOi...",
"jwtExpiresAt": 1607224693,
"refreshToken": "eu5l-FkvTaWEzIt38QFR8ETx5PIS706P",
"refreshTokenExpiresAt": 1614998893,
"user": {
"id": "21",
"fullName": "James Edmonston"
}
}
}
}

Apple#

To authenticate a user through Sign in with Apple, you first need to call the appleOauthUrl query:

query {
appleOauthUrl
}
// returns
{
"data": {
"appleOauthUrl": "https://appleid.apple.com/auth/authorize?..."
}
}

Next, send the user to the generated URL and they will be asked to authenticate through Apple. Once they have authenticated, they will be redirected to your Redirect URL with code and state POST parameters.

Due to Apple sending the fields as POST parameters, you'll need to add an intermediary route that grabs them (e.g. a Next.js API route), and redirects to your front-end.

Finally, once you've grabbed code and state, you can call the appleSignIn mutation:

note

The appleSignIn mutation both authenticates and registers users. It will throw a Cannot find matching user error if registration is disabled, and no user with that email exists.

note

If you have Permission Type set to Multiple Schemas in your plugin settings, you will have a appleSignIn mutation for each user group (e.g. appleSignInUser and appleSignInBusiness).

mutation {
appleSignIn(
code: "..."
state: "..."
) {
jwt
jwtExpiresAt
refreshToken
refreshTokenExpiresAt
user {
id
fullName
}
}
}
// returns
{
"data": {
"appleSignIn": {
"jwt": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJDcmFmdENNUyIsImlhdCI6MTYwNzIyMjg5MywiZXhwIjoxNjA3MjI0NjkzLCJzdWIiOi...",
"jwtExpiresAt": 1607224693,
"refreshToken": "eu5l-FkvTaWEzIt38QFR8ETx5PIS706P",
"refreshTokenExpiresAt": 1614998893,
"user": {
"id": "21",
"fullName": "James Edmonston"
}
}
}
}