Implementation For Apps/Mobile Devices

In this part you will discover how to add our Social Login and Social Sharing services to mobile applications on iOS (iPhone, iPad) and Android devices. You can even use the native authentication SDKs of the social networks (e.g. Facebook & Twitter) along with OneAll.

SDKs for iOS and Android are available in our GitHub Repository.

For security reasons we strongly advise against storing your OneAll API credentials on any mobile device. This guide describes how to replace the classic HTTP Basic Authentication with a different authorization mechanism, so that you don't have to hard-code the API credentials into your app.

1. How to enable social network authentication in my app?

The authentication is triggered by sending the users to the following url (e.g. after they click on a login icon in your app):

		https://#your_subdomain#.api.oneall.com/socialize/connect/mobile/#provider_key#/?nonce=#nonce#&callback_uri=#callback_uri#

Make sure to replace the #placeholders# contained in the url.

Placeholder Description
* #your_subdomain# The subdomain of your OneAll site.
Example: myshop
* #provider_key# The key of the social network to login with.
Example: twitter, facebook, vimeo
* #nonce# A string generated by your app and used to make the request unique (e.g. UUID).
Example: 6ba7b810-9dad-11d1-80b4-00c04fd430c8
* #callback_uri# The URI of your mobile app to redirect the user to after having logged in with this social network account. The URI may have a custom scheme to allow operation under various environments.
Example: oneall://callback (for iOS applications)

Upon successful authentication with a social network account, users will be redirected back to the callback_uri to which the OneAll API will add the url parameter connection_token. This token uniquely identifies the user's connection with his social network account.

Example

	oneall://callback?connection_token=18881239-fddb-4b7c-b384-998177c61815

2. How to retrieve the user's social network profile data?

With your app you can now fetch the user's social network profile data by extracting the connection_token and sending a GET request to the Connection endpoint of the OneAll API.

		https://#your_subdomain#.api.oneall.com/connections/#connection_token#.json

Make sure to replace the #placeholders# contained in the url.

Placeholder Description
* #your_subdomain# The subdomain of your OneAll site.
Example: myshop
* #connection_token# The connection_token received as url parameter.
Example: 18881239-fddb-4b7c-b384-998177c61815

To authenticate against the OneAll API, your app must include the previously generated nonce in the Authorization HTTP header. The nonce has to be prefixed by the string literal OneAllNonce, with a whitespace separating the two strings.

		Authorization: OneAllNonce #nonce#

Placeholder Description
* #nonce# The unique nonce generated by your app and sent as the url parameter nonce to the OneAll API.
Example: 18881239-fddb-4b7c-b384-998177c61815

The Connection API will return the full user profile data retrieved from the social network (Facebook, LinkedIn ...). The data is wrapped into the Portable Contacts Format. Please note that the user profile may contain more or less data depending on the provider.

Your app can now use the retrieved user data to either create a new user account or login the user to an existing account and to share content on behalf of the user.
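
Steps 1 and 2 as one client-side flow, written as an added Python sketch (not code from OneAll or its SDKs): it creates a fresh nonce per login attempt, checks that the redirect really targets the app's own callback_uri, and only then builds the Connection request. The provider-key pattern and the UUID shape of the connection_token are assumptions taken from the examples in this guide.

```python
import re
import uuid
from urllib.parse import urlsplit, parse_qs, urlencode, quote
from urllib.request import Request

SUBDOMAIN = "myshop"                 # example value from this guide
CALLBACK_URI = "oneall://callback"   # example value from this guide
# Assumption: connection tokens are UUID-shaped, as in the guide's examples.
TOKEN_RE = re.compile(r"[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}", re.I)


def start_login(provider_key):
    """Return (nonce, url) for one login attempt; never reuse a nonce."""
    # Assumption: provider keys are short lowercase identifiers (twitter, ...).
    if not re.fullmatch(r"[a-z0-9_]+", provider_key):
        raise ValueError("unexpected provider key")
    nonce = str(uuid.uuid4())  # random; keep in memory for this attempt only
    query = urlencode({"nonce": nonce, "callback_uri": CALLBACK_URI})
    url = (f"https://{SUBDOMAIN}.api.oneall.com/socialize/connect/mobile/"
           f"{provider_key}/?{query}")
    return nonce, url


def connection_request(callback_url, nonce):
    """Validate the redirect the app received and build the Connection GET."""
    got, want = urlsplit(callback_url), urlsplit(CALLBACK_URI)
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        raise ValueError("redirect is not for our callback_uri")
    tokens = parse_qs(got.query).get("connection_token", [])
    # Reject absent, duplicated or oddly shaped tokens before they reach a URL path.
    if len(tokens) != 1 or not TOKEN_RE.fullmatch(tokens[0]):
        raise ValueError("missing, repeated or malformed connection_token")
    url = (f"https://{SUBDOMAIN}.api.oneall.com/connections/"
           f"{quote(tokens[0], safe='')}.json")
    # The nonce takes the place of HTTP Basic credentials for this request.
    return Request(url, headers={"Authorization": f"OneAllNonce {nonce}"})
```

The returned Request object is not sent here; pass it to your HTTP client and discard the nonce once the profile has been fetched.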

3. How to share content on behalf of the user?

For mobile devices the Connection API results include a publish_token that allows your app to publish content on behalf of a user without using hard-coded API credentials.

	{
		"response": {
			"response":{
				"result": {
					"data": {
						"user": {
							"user_token": "37e5ff00-d9fd-407f-94ed-450c32971021",
							"publish_token": {
								"key": "71f28422-5a20-4131-b513-16cf6f497b972",
								"date_creation": "Thu, 25 Aug 2011 13:35:40 +0200",
								"date_expiration": "Thu, 25 Aug 2011 13:35:40 +0200"
							}
						}
					}
				}
			}
		}
	}

To authenticate against the OneAll API when publishing content on behalf of a user, your app must include the publish_token key in the Authorization HTTP header. The key should be prefixed by the string literal OneAllPublishToken, with a whitespace separating the two strings.

		Authorization: OneAllPublishToken #publish_token#

Placeholder Description
* #publish_token# A publish_token->key value returned by the Connection API.
Example: 71f28422-5a20-4131-b513-16cf6f497b972
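
Because the publish_token carries a date_expiration, an app can refuse to send a token that is missing or already expired instead of discovering it through a failed request. The following is an added Python sketch, not OneAll code: publish_authorization is a hypothetical helper, it takes the "user" object from the Connection API result, and it assumes the date format shown in the sample above.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime


def publish_authorization(user, now=None):
    """Return the Authorization header value for a publish request.

    `user` is the "user" object of a Connection API result. Raises
    ValueError when the token is absent, undated or already expired.
    """
    token = user.get("publish_token") or {}
    key, expires = token.get("key"), token.get("date_expiration")
    if not key or not expires:
        raise ValueError("no usable publish_token in response")
    try:
        # Assumption: dates look like "Thu, 25 Aug 2011 13:35:40 +0200".
        expiry = parsedate_to_datetime(expires)
    except (TypeError, ValueError) as exc:
        raise ValueError("unparseable date_expiration") from exc
    if expiry.tzinfo is None:
        # A date without a usable offset is treated as UTC.
        expiry = expiry.replace(tzinfo=timezone.utc)
    now = now or datetime.now(timezone.utc)
    if now >= expiry:
        raise ValueError("publish_token expired")
    return f"OneAllPublishToken {key}"


# Constructed sample, using the values from the response shown above.
SAMPLE_USER = {
    "user_token": "37e5ff00-d9fd-407f-94ed-450c32971021",
    "publish_token": {
        "key": "71f28422-5a20-4131-b513-16cf6f497b972",
        "date_creation": "Thu, 25 Aug 2011 13:35:40 +0200",
        "date_expiration": "Thu, 25 Aug 2011 13:35:40 +0200",
    },
}
```

Keep the token in memory or in the platform's protected storage rather than in the app bundle; like the nonce, it exists so that the API credentials never ship with the app.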

4. How to use the native social network SDKs for authentication?

OneAll also supports logins with native SDKs, such as the Facebook SDK. This allows application developers to fully customise the login flow. In this case only one step is required to login and retrieve the connection details.

You simply use the native SDK to let the user connect with his social network account and then you import the user with the access_token that you have received from the social network.

The OneAll API then uses that access_token to retrieve the user's social network profile and adds it to your OneAll site.
