Use mobile social login

Update time: 2025-07-23 07:34:21

This document is automatically generated based on https://github.com/authing/authing-docs-factory and https://api-explorer.genauth.ai V3 API, and is consistent with API parameters and return results. If the document description is incorrect, please refer to V3 API.

This endpoint is a mobile social login interface. Use the temporary credentials returned by the third-party mobile social login to log in and exchange for the user's id_token and access_token. Please read the corresponding social login access process first.

Note: Depending on the application type you selected when creating the application in GenAuth and the exchange token authentication method configured in the application, different forms of verification of the client's identity are required when calling this interface.

Click to expand details

You can find the Exchange token authentication method configuration item in Application - Self-built application - Application details - Application configuration - Other settings - Authorization configuration in the GenAuth console (opens new window):

Single-page Web applications and client applications are hidden, and the default value is none, which cannot be modified; backend applications and standard Web applications can modify this configuration item.

¶ When the token authentication method is none

No additional operations are required to call this interface.

¶ When the token authentication method is client_secret_post

When calling this interface, the client_id and client_secret parameters must be passed in the body as conditions for verifying the client's identity. Among them, client_id is the application ID and client_secret is the application key.

¶ When the token authentication method is client_secret_basic

When calling this interface, the authorization request header must be carried in the HTTP request header as a condition for verifying the client's identity. The format of the authorization request header is as follows (where client_id is the application ID and client_secret is the application key.):

Basic base64(<client_id>:<client_secret>)

Example results：

Basic NjA2M2ZiMmYzY3h4eHg2ZGY1NWYzOWViOjJmZTdjODdhODFmODY3eHh4eDAzMjRkZjEyZGFlZGM3

JS code example:

"Basic " + Buffer.from(client_id + ":" + client_secret).toString("base64");

¶ Method Name

AuthenticationClient.signInByMobile

¶ Request Parameters

Name	Type	Is it required	Default value	Description	Example Value
extIdpConnidentifier	string	yes	-	External identity source connection identifier	`wework`
connection	string	yes	-	Mobile social login Type: - `apple`: Apple mobile application - `wechat`: WeChat mobile application - `alipay`: Alipay mobile application - `wechatwork`: Enterprise WeChat mobile application - `wechatwork_agency`: Enterprise WeChat mobile application (agency development mode) - `lark_internal`: Feishu mobile enterprise self-built application - `lark_public`: Feishu mobile application store application - `lark_block`: Feishu widget - `yidun`: NetEase Yidun one-click login - `wechat_mini_program_code`: WeChat mini program uses code to log in - `wechat_mini_program_phone`: WeChat mini program uses mobile phone number to log in - `wechat_mini_program_code_and_phone`: WeChat mini program uses code and mobile phone number to log in - `google`: Google mobile social login - `facebook`: Facebook mobile social login - `qq`: QQ mobile social login - `weibo`: Sina Weibo mobile social login - `baidu`: Baidu mobile social login - `linkedin`: LinkedIn mobile social login - `dingtalk`: DingTalk mobile social login - `github`: Github mobile social login - `gitee`: Gitee mobile social login - `gitlab`: GitLab mobile social login - `douyin`: Douyin mobile social login - `kuaishou`: Kuaishou mobile social login - `xiaomi`: Xiaomi mobile social login - `line`: LINE mobile social login - `slack`: Slack mobile social login - `oppo`: OPPO mobile social login - `huawei`: Huawei mobile social login - `amazon`: Amazon mobile social login	`wechat`
wechatPayload	SignInByWechatPayloadDto	No	-	Apple mobile social login data, required when `connection` is `wechat`.
applePayload	SignInByApplePayloadDto	No	-	WeChat social login data, required when `connection` is `apple`.
alipayPayload	SignInByAlipayPayloadDto	No	-	Alipay social login data, required when `connection` is `alipay`.
wechatworkPayload	SignInByWechatworkDto	No	-	Enterprise WeChat social login data, required when `connection` is `wechatwork`.
wechatworkAgencyPayload	SignInByWechatworkAgencyPayloadDto	No	-	WeChat for Enterprise (Agency Development Mode) mobile social login data, required when `connection` is `wechatwork_agency`.
larkInternalPayload	SignInByLarkInternalPayloadDto	No	-	Social login data for mobile apps of Lark self-built applications. Required when `connection` is `lark_internal`.
larkBlockPayload	SignInByLarkBlockPayloadDto	No	-	Social login data for mobile apps of Lark widgets. Required when `connection` is `lark_block`.
yidunPayload	SignInByYidunPayloadDto	No	-	NetEase Yidun mobile social login data, required when `connection` is `yidun`.
wechatMiniProgramCodePayload	SignInByWechatMiniProgramCodePayloadDto	No	-	WeChat mini program uses code login related data, required when `connection` is `wechat_mini_program_code`.
kuaishouPayload	SignInByKuaishouPayloadDto	No	-	Kuaishou mobile social login data, required when `connection` is `kuaishou`.
xiaomiPayload	SignInByXiaomiPayloadDto	No	-	Xiaomi mobile social login data, required when `connection` is `xiaomi`.
linePayload	SignInByLinePayloadDto	No	-	LINE mobile social login data, required when `connection` is `line`.
slackPayload	SignInBySlackPayloadDto	No	-	Slack mobile social login data, required when `connection` is `slack`.	`4203d30e5e915xxxxxx26c31c9adce68`

¶ Request Response

Type： LoginTokenRespDto

Name	Type	Description
statusCode	number	Business status code, which can be used to determine whether the operation is successful. 200 means success.
message	string	Description
apiCode	number	Segmented error code, which can be used to get the specific error type (successful request does not return). For a detailed list of error codes, please see: API Code List (opens new window)
requestId	string	Request ID. Returned when the request fails.
data	LoginTokenResponseDataDto	Response data

Example Results：

{
  "statusCode": 200,
  "message": "Operation successful",
  "requestId": "934108e5-9fbf-4d24-8da1-c330328abd6c",
  "data": {
    "scope": "openid profile",
    "access_token": "eyJhbGciOiJSxxxxx",
    "id_token": "eyJhbGxxxx",
    "refresh_token": "WPsGJbvpBjqXz6IJIr1UHKyrdVF",
    "token_type": "bearer",
    "expire_in": 7200
  }
}

¶ Data Structure

¶ SignInByWechatPayloadDto

Name	Type	Is it required	Description	Example Value
code	string	No	One-time temporary code returned by WeChat mobile social login	`1660291866076`

¶ SignInByApplePayloadDto

Name	Type	Is it required	Description	Example Value
code	string	No	One-time temporary code returned by Apple mobile social login	`1660291866076`

¶ SignInByAlipayPayloadDto

Name	Type	Is it required	Description	Example Value
code	string	No	One-time temporary code returned by social login on Alipay mobile terminal	`1660291866076`

¶ SignInByWechatworkDto

Name	Type	Is it required	Description	Example Value
code	string	No	One-time temporary code returned by WeChat Enterprise mobile social login	`1660291866076`

¶ SignInByWechatworkAgencyPayloadDto

Name	Type	Is it required	Description	Example Value
code	string	No	One-time temporary code returned by WeChat for Enterprise (development mode) mobile social login	`1660291866076`

¶ SignInByLarkPublicPayloadDto

Name	Type	Is it required	Description	Example Value
code	string	No	One-time temporary code returned by social login on the mobile terminal of Feishu App Store	`1660291866076`

¶ SignInByLarkInternalPayloadDto

Name	Type	Is it required	Description	Example Value
code	string	No	One-time temporary code returned by social login on the mobile terminal of Feishu self-built application	`1660291866076`

¶ SignInByLarkBlockPayloadDto

Name	Type	Is it required	Description	Example Value
code	string	No	One-time temporary code returned by social login of Feishu widget	`1660291866076`

¶ SignInByYidunPayloadDto

Name	Type	Is it required	Description	Example Value
token	string	No	NetEase Yidun token	`1660291866076`
accessToken	string	No	NetEase Yidun operator authorization code	`1660291866076`

¶ SignInByWechatMiniProgramCodePayloadDto

Name	Type	Is it required	Description
encryptedData	string	No	Get the encrypted data (encryptedData) returned by WeChat open data
iv	string	No	Symmetric decryption algorithm initialization vector, returned by WeChat
code	string	Yes	User `code` returned by `wx.login` interface

¶ SignInByWechatMiniProgramPhonePayloadDto

Name	Type	Is it required	Description
encryptedData	string	yes	Get the encrypted data (encryptedData) returned by WeChat open data
iv	string	yes	Symmetric decryption algorithm initial vector, returned by WeChat
code	string	yes	User `code` returned by `wx.login` interface

¶ SignInByWechatMiniProgramCodeAndPhonePayloadDto

Name	Type	Is it required	Description	Example Value
wxLoginInfo	yes	WeChat Mini Program uses code to log in related data, required Nested Type: SignInByWechatMiniProgramCodePayloadDto.
wxPhoneInfo	Yes	Required, WeChat Mini Program user authorizes to use mobile phone number to log in related data. If a new user registers to the user pool, the mobile phone number will be updated to the user information synchronously; if the user in the user pool already exists, if the user has not bound a mobile phone number and the mobile phone number authorized by the mini program has not been bound, the mobile phone number will be updated to the user information. Nested Type: SignInByWechatMiniProgramPhoneInfoPayloadDto.

¶ SignInByWechatMiniProgramPhoneInfoPayloadDto

Name	Type	Is it required	Description	Example Value
code	string	is	the `code` returned by the applet when getting the user's mobile phone number

¶ SignInByGooglePayloadDto

Name	Type	Is it required	Description	Example Value
code	string	is	the code obtained by Google mobile social login

¶ SignInByFacebookPayloadDto

Name	Type	Is it required	Description	Example Value
access_token	string	is	the access_token obtained by Facebook mobile social login

¶ SignInByQQPayloadDto

Name	Type	Is it required	Description	Example Value
access_token	string	is	the access_token obtained by social login on QQ mobile terminal

¶ SignInByWeiboPayloadDto

Name	Type	Is it required	Description	Example Value
access_token	string	Yes	The access_token obtained by social login on Sina Weibo mobile terminal

¶ SignInByBaiduPayloadDto

Name	Type	Is it required	Description
code	string	No	Authorization code `code` obtained by Baidu mobile social login. Or attribute `access_token`. If both are not empty, the authorization code `code` parameter is used first.
access_token	string	No	Authorization access credential `access_token` obtained by Baidu mobile social login. Or attribute `code`. If both are not empty, the authorization code `code` parameter is used first.
code	string	yes	code obtained by social login on DingTalk mobile terminal
isSnsCode	boolean	no	If the `code` obtained by social login on DingTalk mobile terminal needs to call `sns/getuserinfo_bycode` interface to obtain the personal information of the authorized user, the parameter `isSnsCode` is passed `true`, otherwise `code` will be exchanged for `accessToken` to obtain user information

¶ SignInByGithubPayloadDto

Name	Type	Is it required	Description	Example Value
code	string	is	Authorization code `code` obtained by social login on mobile terminal of Github

¶ SignInByGiteePayloadDto

Name	Type	Is it required	Description	Example Value
code	string	is	Authorization code `code` obtained by social login on mobile terminal of Gitee

¶ SignInByGitlabPayloadDto

Name	Type	Is it required	Description	Example Value
code	string	Yes	Authorization code `code` obtained by social login on GitLab mobile terminal

¶ SignInByDouyinPayloadDto

Name	Type	Is it required	Description	Example Value
code	string	Yes	The authorization code obtained by social login on Douyin mobile terminal `code`

¶ SignInByKuaishouPayloadDto

Name	Type	Is it required	Description	Example Value
code	string	is	Authorization code `code` obtained by social login on Kuaishou mobile terminal

¶ SignInByXiaomiPayloadDto

Name	Type	Is it required	Description	Example Value
code	string	is	Authorization code `code` obtained by social login on Xiaomi mobile terminal

¶ SignInByLinePayloadDto

Name	Type	Is it required	Description	Example Value
access_token	string	yes	`access_token` obtained by LINE mobile social login
id_token	string	no	`id_token` obtained by LINE mobile social login, requires `openid` permission, will obtain user information based on `id_token`, otherwise obtain user information based on `access_token`

¶ SignInBySlackPayloadDto

Name	Type	Is it required	Description	Example Value
code	string	is	Slack mobile social login obtained authorization code `code`

¶ SignInByOPPOPayloadDto

Name	Type	Is it required	Description	Example Value
code	string	is	OPPO mobile social login obtained authorization code `code`

¶ SignInByHuaweiPayloadDto

Name	Type	Is it required	Description	Example Value
code	string	is	Authorization code `code` obtained by Huawei mobile social login

¶ SignInByAmazonPayloadDto

Name	Type	Is it required	Description	Example Value
access_token	string	is	the access token `access_token` obtained by Amazon mobile social login

¶ SignInByMobileOptionsDto

Name	Type	Is it required	Description	Example Value
scope	string	no	The permissions that need to be requested, must include openid. If you need to obtain the mobile phone number and email, you need to include phone email; if you need refresh_token, you need to include offline_access. Please separate multiple scopes with spaces. The decoded content of id_token will contain the user information related fields corresponding to these scopes. - `openid`: Must be included. - `profile`: Returns birthdate, family_name, gender, given_name, locale, middle_name, name, nickname, picture, preferred_username, profile, updated_at, website, zoneinfo fields. - `username`: Returns username. - `email`: Returns email, email_verified. - `phone`: Returns phone_number, phone_number_verified. - `offline_access`: If this parameter exists, the token interface will return the refresh_token field. - `roles`: Returns the user's role list. - `external_id`: The user ID of the original system. - `extended_fields`: Returns the user's extended field information, the content is an object, the key is the extended field name, the value is the extended field value. - `tenant_id`: Returns the user's tenant ID.	`openid profile`
context	object	No	Additional request context, which will be passed to the `context` object of the Pipeline (opens new window) before and after authentication. Learn how to get the additional context passed in the `context` parameter of Pipeline (opens new window).	`{"source":"utm"}`
tenantId	string	No	Tenant ID	`625783d629f2bd1f5ddddd98c`
customData	object	No	To set additional user custom data, you need to configure custom data (opens new window) in the GenAuth console first.	`{"school":"pku","age":"20"}`

¶ LoginTokenResponseDataDto

Name	Type	Is it required	Description	Example Value
scope	string	no	Scope corresponding to access_token	`openid profile`
access_token	string	no	API call credentials, authorized to access resource API within a limited time	`eyJhbGciOiJSxxxxx`
id_token	string	no	User's identity credentials, which will contain user information after parsing	`eyJhbGxxxx`
refresh_token	string	no	refresh_token is used to obtain a new AccessToken	`WPsGJbvpBjqXz6IJIr1UHKyrdVF`
token_type	string	yes	Token type	`bearer`
expire_in	number	yes	Expiration time in seconds	`7200`

Previous article: Login with user credentials Next article: Get Alipay AuthInfo

¶ Use mobile social login