OAuth Login API
Authenticate users through third-party OAuth providers like Google and Apple for seamless social login
OAuth Login API
Enable seamless social authentication through trusted providers like Google and Apple. Let users sign in with their existing accounts for frictionless onboarding.
Multiple Providers
Support for Google, Apple, and other major OAuth providers.
One-Tap Sign In
Reduce friction with quick social login options.
Secure Token Exchange
OAuth tokens are validated server-side for maximum security.
Endpoint Overview
/graphqlAuthenticate users using OAuth tokens from supported social media providers. Returns an access token for authenticated API requests.
Supported Providers
Sign in with Google accounts. Use SocialMedia.GOOGLE enum value.
Apple
Sign in with Apple ID. Use SocialMedia.APPLE enum value.
Request Parameters
tokenString!RequiredThe OAuth access token or ID token obtained from the social provider's authentication flow.
socialMediaSocialMedia!RequiredThe social media provider enum. Supported values: GOOGLE, APPLE.
GraphQL Mutation
mutation oauthLogin($token: String!, $socialMedia: SocialMedia!) {
oauthLogin(token: $token, socialMedia: $socialMedia) {
accessToken
}
}Variables (Google):
{
"token": "ya29.a0AfH6SMBx...",
"socialMedia": "GOOGLE"
}Variables (Apple):
{
"token": "eyJraWQiOiJXNldjT0...",
"socialMedia": "APPLE"
}HTTP Request:
curl -X POST https://api.orbnet.com/graphql \
-H "Content-Type: application/json" \
-d '{
"query": "mutation oauthLogin($token: String!, $socialMedia: SocialMedia!) { oauthLogin(token: $token, socialMedia: $socialMedia) { accessToken } }",
"variables": {
"token": "YOUR_OAUTH_TOKEN",
"socialMedia": "GOOGLE"
}
}'Response
{
"data": {
"oauthLogin": {
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
}
}
}{
"errors": [
{
"message": "Invalid or expired OAuth token",
"path": ["oauthLogin"],
"extensions": {
"code": "INVALID_TOKEN"
}
}
],
"data": null
}{
"errors": [
{
"message": "Unsupported social media provider",
"path": ["oauthLogin"],
"extensions": {
"code": "UNSUPPORTED_PROVIDER"
}
}
],
"data": null
}Implementation Guide
Configure OAuth Provider
Set up your OAuth application in Google Cloud Console or Apple Developer Portal. Obtain your client ID and configure redirect URIs.
Implement Client-Side Flow
Use the provider's SDK (Google Sign-In, Sign in with Apple) to authenticate users and obtain the OAuth token.
Exchange Token
Send the OAuth token to our API using the oauthLogin mutation. We validate the token with the provider.
Store Access Token
Receive your OrbNET access token and store it securely for subsequent authenticated requests.
Best Practices
Validate Tokens Server-Side
Never trust client-side token validation alone. Our API validates tokens directly with OAuth providers.
Handle Account Linking
If a user signs up with email then tries OAuth with same email, accounts are automatically linked.
Token Expiration
OAuth tokens from providers have short lifespans. Exchange them immediately after receiving.
Graceful Fallback
Always provide email/password login as a fallback if OAuth providers are unavailable.
Error Handling
INVALID_TOKEN
OAuth token is invalid, expired, or malformed. Request a new token from the provider.
UNSUPPORTED_PROVIDER
The specified social media provider is not supported. Check the SocialMedia enum values.
PROVIDER_ERROR
Unable to validate token with the OAuth provider. May be a temporary issue.
EMAIL_REQUIRED
OAuth profile doesn't include email. User must grant email permission.
Related Endpoints
Provider Setup Required
Before using OAuth login, ensure you've configured your OAuth applications with Google and/or Apple. Contact support if you need help with the setup process.
Enable Social Login
Reduce sign-up friction and improve conversion rates with OAuth authentication. Users can sign in with their existing Google or Apple accounts.