Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Social Login

577 views

Published on

Session I delivered at Oredev 2013 regarding implementing social login and registration in your applications.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Social Login

  1. 1. Building Secure and Social Applications Michele Leroux Bustamante michelebusta@solliance.net
  2. 2. Why Social Login?
  3. 3. Fewer passwords to remember
  4. 4. Single Sign-On (SSO)
  5. 5. Gather information
  6. 6. Read your thoughts Perform actions based on your thoughts
  7. 7. Share
  8. 8. Access to millions of new users
  9. 9. As of October 29, 2013 • • • • • Facebook 1.2 B Google+ 540 M TW 500 M LinkedIn 300 M Yahoo 300 M http://www.nydailynews.com/news/national/google-540mmonthly-users-lags-behind-facebook-article-1.1500403
  10. 10. Session Agenda • • • • • Social registration Social Login and SSO Gather profile information Linking accounts Social sharing
  11. 11. DEMO
  12. 12. Twitter Setup No app required Redirect and login User asked to authorize during login Authorization code returned Application uses code to request an access token • Application uses access token to interact with provider API • • • • •
  13. 13. Facebook Setup • • • • • • Create an app at the provider Get the application “keys” Redirect and login Users asked to authorize during login Authorization code returned Application uses code to request info
  14. 14. Protocol Flow • What really happened? • Redirect to provider – User authenticates – Authorization code returned • Call to provider with code – Request additional user information – Must be authorized information
  15. 15. DEMO
  16. 16. Social Sharing • Share directly from JavaScript – Generate sample buttons at provider site – Customize as desired • Share through API – Requires access token to operate on behalf of the user
  17. 17. DEMO
  18. 18. Gathering Information • Use the access token to request information from the provider • Unique identifier per user • Additional details can vary
  19. 19. DEMO
  20. 20. Development Platforms
  21. 21. Connecting Accounts • Goal to have a single profile • Login with one or more provider, same user profile • Share with one or more provider, irrespective of login
  22. 22. DEMO
  23. 23. Design Decisions • • • • Which providers will you support? What profile information do you need? What sharing options / methods? How do you want to handle providers?
  24. 24. What if it could be easier?
  25. 25. One Example
  26. 26. What if it could be easier?
  27. 27. References • Conference resources to be referenced here: – http://michelebusta.com • See my snapboards: – Currently at the alpha site: http://snapboardalpha.cloudapp.net/michelebusta – Will move these to snapboard.com/michelebusta when we go live on the main site (SOON watch my blog for announcement) • Contact me: – michelebusta@solliance.net – @michelebusta
  28. 28. Michele Leroux Bustamante Managing Partner Solliance (solliance.net) CEO and Cofounder Snapboard (snapboard.com) Microsoft Regional Director Microsoft MVP Author, Speaker Pluralsight courses on the way! Blog: michelebusta.com michelebusta@solliance.net @michelebusta

×