Nextend Social Login REST API

Warning: You need to have a developer’s knowledge to be able to use our REST API, since we are not able to provide support for custom coding!

Table of contents

About Nextend Social Login REST API

The REST API of Nextend Social Login can be used for checking whether there is a user in your site that has already registered with the currently used social account or not. So our REST API won’t handle the login or registration process, as that must be implemented with custom coding.

How can I use the REST API in my application?

For integrating social register / login in your application, you need to a implement the following process:

1. Communication between the user and your mobile app:

You need to create a way for the user to communicate with your social APP, so basically a way to display the authentication and authorization screen when the user clicks on the social button. Over the “Authentication” screen the user will be able to login to the associated social media account. At the authorization screen, the person will be able to grant permission for your App to see his/her user information. Once the user logged in and authorized your app, it will return an access token, which is used for the validation.

2. User validation:

When you have the access token you can use it to communicate with the REST API of Nextend Social Login (NSL) which will check whether there’s any user registered to your site with the given access token. The JSON encoded access token should be posted to our REST API endpoint.

Method: POST
Endpoint: /wp-json/nextend-social-login/v1/{{providerID}}/get_user
POST Args: access_token

For example:
NSL Google provider REST API endpoint:

  • https://example.com/wp-json/nextend-social-login/v1/google/get_user

The access_token needs to be a JSON encoded string, like these.

Response:

  • Success – status 200 -> json encoded WP user id, for example:
    "44"
  • Fail – if the status code isn’t 200 then an error occurred-> For example:
    {"code":"error","message":"The access token could not be decrypted","data":null}

3. Handling the Login / Registration process:

  • Access token found – Login process
    If NSL returns the WordPress user ID you’ll need to log them in to your Application.
  • Access token not found – Registration process
    If NSL did not find any user with the given access token, you need to create a new WordPress account using WordPress’ REST API. Then log them in and you can link the user with the social provider.

    • line 1-11: will verify that the access token is valid, if it is valid it will retrieve the social user id ( this ISN’T the WordPress user id! )
    • line 13-16: will connect the social provider account with the WordPress user ID.

Making request with the Access Token

Post request with cURL

In the following example you can find a basic example for posting your access token to the REST API of Nextend Social Login using cURL. You can download this basic gist, modify the value of the $url variable with your own domain and the provider name that your access token is associated with. Then you need to modify the value of the $access_token variable according to your own test access token.

Post request with the Postman App

Make sure you send the access token as a POST parameter where the parameter name is access_token!
NSL REST API with Postman

REST API endpoints and Access Token format

Facebook

Endpoint:

  • https://****/wp-json/nextend-social-login/v1/facebook/get_user

Access token format:

{"access_token":"*************","token_type":"bearer","expires_in":5183946}

Google

Endpoint:

  • https://****/wp-json/nextend-social-login/v1/google/get_user

Access token format:

{"access_token": "*************", "expires_in": 3600, "token_type": "Bearer", "id_token": "*************"}

Twitter

Endpoint:

  • https://****/wp-json/nextend-social-login/v1/twitter/get_user

Access token format:

{"oauth_token":"*************","oauth_token_secret":"*************","user_id":"*************"}

Apple

Endpoint:

  • https://****/wp-json/nextend-social-login/v1/apple/get_user

Access token format:

{"access_token":"*************","token_type":"Bearer","expires_in":3600,"id_token":*************"}

LinkedIn

Endpoint:

  • https://****/wp-json/nextend-social-login/v1/linkedin/get_user

Access token format:

{"access_token":"*************","expires_in":5184000}

Amazon

Endpoint:

  • https://****/wp-json/nextend-social-login/v1/amazon/get_user

Access token format:

{"access_token":"*************","token_type":"bearer","expires_in":3600}

VKontakte

Endpoint:

  • https://****/wp-json/nextend-social-login/v1/vk/get_user

Access token format:

{"access_token":"*************","expires_in":86400}

PayPal

Endpoint:

  • https://****/wp-json/nextend-social-login/v1/paypal/get_user

Access token format:

{"access_token":"*************","token_type":"Bearer","expires_in":28800}

WordPress.com

Endpoint:

  • https://****/wp-json/nextend-social-login/v1/wordpress/get_user

Access token format:

{"access_token":"*************","token_type":"bearer"}

Disqus

Endpoint:

  • https://****/wp-json/nextend-social-login/v1/disqus/get_user

Access token format:

{"access_token":"*************","expires_in":2592000,"token_type":"Bearer"}

Yahoo

Endpoint:

  • https://****/wp-json/nextend-social-login/v1/yahoo/get_user

Access token format:

{"access_token":"*************","expires_in":3600,"token_type":"bearer"}

Common error messages


  • Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential.
  • An active access token must be used to query information about the current user.

The problem is related to either your access token or the way you posted it.
To verify the access token is fine, you could post it to the REST API of the corresponding provider via a basic form like this. ( Don’t forget to modify the “action” attribute with your own domain and the ID of the provider your access token is related to! )