Skip to content

Social and OAuth2 Logins

Backendless provides integration with multiple login providers, including social networks and various cloud/enterprise systems. You can see available login providers in the Backendless Console by clicking the Users icon and then the Login Providers section:


In order to use a login provider, it must be enabled first. To enable a login provider, select it from the list, fill out the form with the required values and click the toggle that says "This provider is OFF". Make sure to click the SAVE button to save the configuration parameters and the ON/OFF state of the provider.

Once a login provider is enabled, your application can use authenticate the users through the provider. A typical authentication flow is:

  1. Use login provider's SDK or API to login the user.
  2. Once the user is logged in, you application receives an OAuth token.
  3. Use the OAuth token with the Backendless API to "exchange" the token and receive a reference to Backendless user. The Backendless user is a logical representation of the user authenticated through the login provider. The API to login an externally authenticated user is documented below in this section of the guide.

Login Provider Configuration

Configuring a login provider will vary as all providers have their own way for obtaining configuration properties. Below you will find instructions for most commonly used social login providers:

Configuring "Login with Facebook"
  1. Navigate to
  2. Select an application or create one using the My Apps dropdown in the upper right corner.If you are creating a new app, you will see a popup asking "how are you using your app?". Select the For Everything Else answer.
  3. Add Facebook Login to your app
  4. Locate the App ID and App Secret values in the Settings > Basic section and copy the values into the corresponding fields in the Backendless Console (Users > Login Providers > Facebook).
  5. Click Add Platform and select Website.
  6. Enter as the Site URL.
  7. Click Save Changes.
  8. Click the Settings tab on the Facebook Product section.
  9. Scroll down to the Client OAuth Settings block and enter into the Valid OAuth redirect URIs field.
  10. In a separate browser window login to Backendless console and navigate to Users > Login Providers > Facebook screen. You will see the Callback URL field. Copy the URL from that field into Valid OAuth redirect URIs (by the time you are done with this step, that field will have two URIs as shown in the screenshot below):
  11. Scroll down to the bottom of the page and click Save Changes.
Configuring "Login with Google"

Adding Google API and generating client ID

  1. Navigate to
  2. Choose an existing project or create a new one.

  3. Select the Google+ API:

  4. Click Enable to enable the API:

  5. Once the API is enabled, click the Create Credentials button. If you do not see the button, click the Credentials menu item on the left and then click the Configure Consent Screen button.
  6. Complete the form on the OAuth consent screen:
  7. Return to the Credentials and click +Create Credentials > Create OAuth client ID.
  8. Select Web Application.

Generating config file for client project

In this step of the setup you need to navigate to and add/create a Firebase project. Follow Google's instructions for configuring the project, downloading google-services.json and adding the file to your Android Studio project.

Adding Configuration in Backendless

  1. Return to
  2. Select the project and click Credentials.
  3. The credentials should now include a "Web client" which is automatically generated by Google.
Configuring "Login with Github"
  1. Open
  2. Register a new app.
  3. In "Application name", type in the name of your app.
  4. In Homepage URL use or the homepage URL for your application.
  5. For the Authorization callback URL field copy/paste the Callback URL value from Backendless console. You will find the value in the Users > Login Providers > GitHub screen.
  6. Click Create Github App.
  7. Copy Client ID and Client secret into the corresponding fields in the Users > Login Providers > GitHub screen.
Configuring "Login with LinkedIn"
  1. Open
  2. Click Create app.
  3. In App name type the name of your app.
  4. Enter LinkedIn page, Privacy policy and App logo:
  5. Click Create app.
  6. Go to Auth
  7. For the Authorization callback URL field copy/paste the Callback URL value from Backendless Console located in Users > Login Providers > LinkedIn
  8. Go to Products
  9. Enable Sign In with LinkedIn:
  10. Copy Client ID and Client secret into the corresponding fields in Backendless Console located in the Users > Login Providers > LinkedIn screen.

OAuth Login API

There are two available APIs: one supporting the OAuth2 login providers and the other is for the older version of OAuth (which at this point is only Twitter).

// Login externally authenticated user. The method exchanges the OAuth token (accessToken) to 
// BackendlessUser object delivered as "loggedInUser" object.
Backendless.UserService.loginWithOauth2(providerCode, accessToken, guestUser, fieldsMapping, stayLoggedIn)
 .then( function( loggedInUser ) {
 .catch( function( error ) {

// Login for the OAuth1.0 provider (Twitter)
Backendless.UserService.loginWithOauth1(providerCode, accessToken, accessTokenSecret, guestUser, fieldsMapping, stayLoggedIn) 
 .then( function( loggedInUser ) {
 .catch( function( error ) {


Argument                Description
providerCode name of the login provider as displayed in Backendless Console - see the specific provider screen at Users > Login Providers.
accessToken OAuth access token obtained from the authentication provider as a result of logging in the user.
guestUser Optional. If present, must be an instance of BackendlessUser obtained through the Guest Login API.
fieldsMapping Optional. A mapping of user properties between OAuth provider and Backendless. If the map object is not null, it should contain a mapping between the provider specific property names and the column names in the Users table.
stayLoggedIn if the value is true, the user token representing the logged in user session is stored in the client application (local storage).