Skip to content

OAuth2 Login API

Description

This API is used to "exchange" login provider's access token to the BackendlessUser object, it is used in Step 3 of the Login with Provider SDK flow. The API logs in externally authenticated user to Backendless.

Method

// Login externally authenticated user. The method exchanges the OAuth token (accessToken) to BackendlessUser object.
// Notice the method is non-blocking - the return value arrives through the AsyncCallback object.
[Backendless.shared.userService loginWithOauth2WithProviderCode:(NSString *)providerCode accessToken:(NSString *)accessToken fieldsMapping:(NSDictionary<NSString *,NSString *> *)fieldsMappings stayLoggedIn:(BOOL)stayLoggedIn responseHandler:^(BackendlessUser *)responseHandler errorHandler:^(Fault *)errorHandler];

// same as above but accounts for the guestUser object.
[Backendless.shared.userService loginWithOauth2WithProviderCode:(NSString *)providerCode accessToken:(NSString *)accessToken guestUser:(BackendlessUser *)guestUser fieldsMapping:(NSDictionary<NSString *,NSString *> *)fieldsMapping stayLoggedIn:(BOOL)stayLoggedIn responseHandler:^(BackendlessUser *)responseHandler errorHandler:^(Fault *)errorHandler];
// Login externally authenticated user. The method exchanges the OAuth token (accessToken) to BackendlessUser object.
// Notice the method is non-blocking - the return value arrives through the AsyncCallback object.
Backendless.shared.userService.loginWithOauth2(providerCode: String, accessToken: String, fieldsMapping: [String : String], stayLoggedIn: Bool, responseHandler: ((BackendlessUser) -> Void)!, errorHandler: ((Fault) -> Void)!)

// same as above but accounts for the guestUser object.   
Backendless.shared.userService.loginWithOauth2(providerCode: String, accessToken: String, guestUser: BackendlessUser, fieldsMapping: [String : String], stayLoggedIn: Bool, responseHandler: ((BackendlessUser) -> Void)!, errorHandler: ((Fault) -> Void)!)

where:

Argument                Description
providerCode Name of the login provider as displayed in Backendless Console - see the specific provider screen at Users > Login Providers. String value.
token OAuth access token obtained from the authentication provider as a result of logging in the user. String value.
fieldsMappings Optional parameter. A mapping of user properties between OAuth provider and Backendless. If the map object is not null, it should contain a mapping between the provider specific property names and the column names in the Users table. Consider the following mappings:
"my_email" >> "email"
"my_name" >> "name"
The key identifies the provider's property name and the value is the name of the mapped property (column name) in Backendless. In the example above, "my_email" and "my_name" are the properties returned by the OAuth2 provider and the corresponding values will be respectively stored in the "email" and "name" columns in Backendless. Must be an object.
stayLoggedIn Optional parameter. Requests to store the user's login information so the login form can be skipped next time the user launches the app. Boolean value.
guestUser Optional parameter. If present, must be the BackendlessUser object obtained through the Guest Login API. Must be an object.
responseHandler Handles successful result of an asynchronous call.
errorHandler Handles fault result of an asynchronous call.

Return Value

The BackendlessUser object containing user data. The object has the values for all the properties stored in Users data table.

Example

The example below logs in the externally authenticated user ("facebook") to Backendless.

NSString *accessToken = @"ACCESS_TOKEN"; // OAuth access token obtained from the authentication provider as a result of logging in the user
BackendlessUser *guestUser = // an instance of BackendlessUser obtained through the Guest Login API

[Backendless.shared.userService loginWithOauth2WithProviderCode:@"facebook" accessToken:accessToken guestUser:guestUser fieldsMapping:@{@"my_email": @"email", @"my_name": @"name"} stayLoggedIn:true responseHandler:^(BackendlessUser *loggedInUser) {
    // handle response
} errorHandler:^(Fault *fault) {
    // handle error
}];
let accessToken = "ACCESS_TOKEN" // OAuth access token obtained from the authentication provider as a result of logging in the user
let guestUser = // an instance of BackendlessUser obtained through the Guest Login API

Backendless.shared.userService.loginWithOauth2(providerCode: "facebook", accessToken: accessToken, guestUser: guestUser, fieldsMapping: ["my_email": "email", "my_name": "name"], stayLoggedIn: true, responseHandler: { loggedInUser in
    // handle response
}, errorHandler: { fault in
    // handle error
})

Codeless Reference

user_service_codeless_OAuth_user_login

where:

Argument                Description
provider code Code of the login provider as displayed in Backendless Console - see the specific provider screen at Users > Login Providers.
redirect page Optional parameter. You can set the redirect page or an absolute path to an .html file in your application storage ( e.g. /web/index.html) that a user will see after the authorization.
fields mappings Optional parameter. A mapping of user properties between OAuth provider and Backendless. If the object is not null, it should contain a mapping between the provider specific property names and the column names in the Users table. Consider the following mappings:
"my_email" >> "email"
"my_name" >> "name"
The key identifies the provider's property name and the value is the name of the mapped property (column name) in Backendless. In the example above, "my_email" and "my_name" are the properties returned by the OAuth2 provider and the corresponding values will be respectively stored in the "email" and "name" columns in Backendless.
scope Optional parameter. A collection of security scopes the client application is requesting permissions for. You must obtain security scopes from your Login Provider. Furthermore, you must pay attention how you pass data to this parameter, since all providers have different format of security scopes as well as separators. A separator can be a space, comma, ampersand or other symbol standardized by the Login Provider of your choice.
callback URL Domain Optional parameter. A custom or Backendless domain used to retrieve the Login Provider's authorization token. Refer to the Login With Provider's SDK section in this topic, Step 2,   to see the authorization process.
options Optional parameter, which is used to pass the clientID for Apple authorization.

Returns the BackendlessUser object containing user information for all the properties stored in Backendless database.

The example below performs the authorization of a user using Google as the Login Provider.

For demonstration purposes the fields mappings parameter contains a sample object with field names that should match the field names as provided by your Login Provider; If fields are matched, then the user information is exchanged between the Backendless and the Login Provider, and saved to the Users data table.

The security scope must be obtained from your Login Provider. In the context of this example, Google expects security scopes to be separated by spaces. In the example below you can see three scopes ( <scope_1> <scope_2> <scope_3> )  passed as a string, and each scope is separated with a space. The Google's security scope can have the following format, and in this case the endpoint is considered as a security scope:

  1. https://www.googleapis.com/auth/admob.readonly
  2. https://www.googleapis.com/auth/admob.report

You just need to pass the required security scopes as is using correct separator.

user_service_codeless_example_OAuth_user_login