Skip Navigation
Expand
Setting up OpenLogin (Facebook, Twitter and Google)
Answer ID 10132   |   Last Review Date 11/09/2019

How can I implement the different types of OpenLogin method?

Environment:

Oracle Service Cloud Customer Portal (CP) Framework v3.7 or newer and the OpenLogin Widget v1.5 or newer.

If your current Oracle Service Cloud version is older than August 2014, please review Overview of legacy Service Cloud update process

If you need to migrate your CP Framework and/or widget from an older version, please review this answer and the product's manual.

Resolution:

Please follow the steps within the following guide to register your site with Google's OAuth, Facebook's OAuth or Twitter's OAuth:

 Google OAuth Setup 

Register Customer Portal open login with Google

Setting up OAuth 2.0

The redirect URI should match https://<interface>.custhelp.com/ci/openlogin/oauth/callback/google or https://<custom.domain>/ci/openlogin/oauth/callback/google

Using the obtained Client ID and Client Secret, fill out the GOOGLE_OAUTH_APP_ID and GOOGLE_OAUTH_APP_SECRET configuration verbs respectively within your interface.

Cause:

Since the 1st of May 2015, Google's old OpenID 2.0 login method has been shut down completely. In order to continue using Google as an OpenLogin provider, you will have to properly configure your Customer Portal to use the newer OpenID Connect (OAuth 2.0) method.

Notes:

If you receive a 400: Bad Request response when trying to log in, please review the "Set a redirect URI" section within this guide.

If you receive a 401: Unauthorized response, please verify that the GOOGLE_OAUTH_APP_ID and GOOGLE_OAUTH_APP_SECRET configuration verbs have been configured properly. The App Secret will be encoded, thus unreadable.

If you still receive an error, please be sure that the Google account being used to authenticate (end-user) has a Google+ profile associated with it.

 Facebook OAuth Setup 

Register Customer Portal open login with Facebook

Setting up Facebook OAuth

Note: The redirect URI should match https://<vhost>/ci/openlogin/oauth/callback/facebook/<page set>/onfail/<page set>, for instance if this is used on the app/home page it would look like:
https://<vhost>/ci/openlogin/oauth/callback/facebook/app/home/onfail/app/home.

In particular, with Facebook v2.12 API, you will need to setup each redirect URI you are going to use. If you expect the customer to be able to login from the /app/utils/login_form page this would also need to be added to your list of redirect URI's. For sites that use a custom vhost please input your correct domain.

If you are on the Facebook Developers page, in the sidebar you will see your App Settings select, choose this and Basic. In this subsection you will need to populate your App Domains, if using custhelp simply add custhelp.com to this field. You will then need to click on Add Platform on the lower half of the page, select Website and add the URL of the site you will be using including http or https, whichever is appropriate.

Next Select New Products from the sidebar again, this time choosing Facebook Login.

Add to the valid OAuth Redirect URI's list the above links you will be using your login from. 

 Twitter OAuth Setup 

Register Customer Portal open login with Twitter

Setting up Twitter OAuth

Click on Create New App floating on the top half of the page. Provide your Application with a Name and Description, note the description is required to be at least 10 characters in length.

Include the URL for your site, finally for the Callback URL, include

  • https://<vhost> or Site URL
  • https://<vhost>ci/openlogin/oauth/callback/twitter/<page>/onfail/<page>/ (please note the end tail slash is important)
** Twitter has updated their OAuth such that the Callback URL's are now restricted similar to the setup of Facebook, so each page that will be used for login must now be strictly defined in the application otherwise login will fail.

After this you can agree to the Developer Terms and then create your Twitter Application.

Once your application is completed, you may access the Keys and Access Tokens tab, where you will find your APP ID and APP Secret.



Available Languages for this Answer:

Notify Me
The page will refresh upon submission. Any pending input will be lost.