Use mobile social login

Update time: 2025-07-23 07:34:21

This document is automatically generated based on https://github.com/authing/authing-docs-factory based on https://api-explorer.genauth.ai V3 API, and is consistent with API parameters and return results. If this document description is incorrect, please refer to V3 API.

This endpoint is a mobile social login interface, which uses the temporary credentials returned by the third-party mobile social login to log in and exchange the user's id_token and access_token. Please read the corresponding social login access process first.

Note: Depending on the application type you selected when creating the application in GenAuth and the exchange token authentication method configured in the application, different forms of client identity verification are required when calling this interface.

Click to expand details

You can find the Exchange token authentication method configuration item in Application - Self-built application - Application details - Application configuration - Other settings - Authorization configuration in the GenAuth console (opens new window):

Single-page web applications and client applications are hidden, and the default value is none, which is not allowed to be modified; backend applications and standard web applications can modify this configuration item.

¶ When the exchange token authentication method is none

No additional operations are required to call this interface.

¶ When the exchange token authentication method is client_secret_post

When calling this interface, the client_id and client_secret parameters must be passed in the body as conditions for verifying the client identity. Among them, client_id is the application ID, and client_secret is the application secret key.

¶ When exchanging token authentication mode is client_secret_basic

When calling this interface, the authorization request header must be carried in the HTTP request header as a condition for verifying the client's identity. The format of the authorization request header is as follows (where client_id is the application ID, and client_secret is the application secret key.):

Basic base64(<client_id>:<client_secret>)

Result example:

Basic NjA2M2ZiMmYzY3h4eHg2ZGY1NWYzOWViOjJmZTdjODdhODFmODY3eHh4eDAzMjRkZjEyZGFlZGM3

JS code example:

"Basic " + Buffer.from(client_id + ":" + client_secret).toString("base64");

¶ Method name

AuthenticationClient.sign_in_by_mobile

¶ Request Parameters

Name	type	Is this field required?	Default	Description	Sample
extIdpConnidentifier	string	Yes	-	External IdP identifier	`wework`
connection	string	yes	-	Mobile social login type: - `apple`: Apple mobile application - `wechat`: WeChat mobile application - `alipay`: Alipay mobile application - `wechatwork`: Enterprise WeChat mobile application - `wechatwork_agency`: Enterprise WeChat mobile application (agency development mode) - `lark_internal`: Feishu mobile enterprise self-built application - `lark_public`: Feishu mobile application store application - `lark_block`: Feishu widget - `yidun`: NetEase Yidun one-click login - `wechat_mini_program_code`: WeChat mini program uses code login - `wechat_mini_program_phone`: WeChat mini program uses mobile phone number login - `wechat_mini_program_code_and_phone`: WeChat mini program uses code and mobile phone number to log in - `google`: Google mobile social login - `facebook`: Facebook mobile social login - `qq`: QQ mobile social login - `weibo`: Sina Weibo mobile social login - `baidu`: Baidu mobile social login - `linkedin`: LinkedIn mobile social login - `dingtalk`: DingTalk mobile social login - `github`: Github mobile social login - `gitee`: Gitee mobile social login - `gitlab`: GitLab mobile social login - `douyin`: Douyin mobile social login - `kuaishou`: Kuaishou mobile social login - `xiaomi`: Xiaomi mobile social login - `line`: LINE Mobile social login - `slack`: Slack mobile social login - `oppo`: OPPO mobile social login - `huawei`: Huawei mobile social login - `amazon`: Amazon mobile social login	`wechat`
wechatPayload	SignInByWechatPayloadDto	No	-	Apple mobile social login data, required when `connection` is `wechat`.
applePayload	SignInByApplePayloadDto	No	-	WeChat social login data, required when `connection` is `apple`.
alipayPayload	SignInByAlipayPayloadDto	No	-	Alipay social login data, required when `connection` is `alipay`.
wechatworkPayload	SignInByWechatworkDto	No	-	Enterprise WeChat social login data, required when `connection` is `wechatwork`.
wechatworkAgencyPayload	SignInByWechatworkAgencyPayloadDto	No	-	WeChat for Enterprise (development agent mode) mobile social login data, required when `connection` is `wechatwork_agency`.
larkPublicPayload	SignInByLarkPublicPayloadDto	No	-	Lark App Store mobile social login data, required when `connection` is `lark_public`.
larkInternalPayload	SignInByLarkInternalPayloadDto	No	-	Social login data for mobile apps of Lark self-built applications. Required when `connection` is `lark_internal`.
larkBlockPayload	SignInByLarkBlockPayloadDto	No	-	Social login data for mobile widgets of Lark. Required when `connection` is `lark_block`.
yidunPayload	SignInByYidunPayloadDto	No	-	NetEase Yidun mobile social login data, required when `connection` is `yidun`.
wechatMiniProgramCodePayload	SignInByWechatMiniProgramCodePayloadDto	No	-	WeChat Mini Program uses code to log in related data. It is required when `connection` is `wechat_mini_program_code`.
wechatMiniProgramPhonePayload	SignInByWechatMiniProgramPhonePayloadDto	No	-	WeChat Mini Program uses mobile phone number to log in related data. It is required when `connection` is `wechat_mini_program_phone`.
wechatMiniProgramCodeAndPhonePayload	SignInByWechatMiniProgramCodeAndPhonePayloadDto	No	-	WeChat Mini Program uses code and phone number to log in related data. Required when `connection` is `wechat_mini_program_code_and_phone`.
googlePayload	SignInByGooglePayloadDto	No	-	Google mobile social login data, required when `connection` is `google`.
facebookPayload	SignInByFacebookPayloadDto	No	-	Facebook mobile social login data, required when `connection` is `facebook`.
qqPayload	SignInByQQPayloadDto	No	-	QQ mobile social login data, required when `connection` is `qq`.
weiboPayload	SignInByWeiboPayloadDto	No	-	Sina Weibo mobile social login data, required when `connection` is `weibo`.
baiduPayload	SignInByBaiduPayloadDto	No	-	Baidu mobile social login data, required when `connection` is `baidu`, and one of the attributes `code` and `access_token` of `baiduPayload` must be selected, and the `code` value is used first as the authorization login method.
linkedInPayload	SignInByLinkedInPayloadDto	No	-	LinkedIn mobile social login data, required when `connection` is `linkedin`.
dingTalkPayload	SignInByDingTalkPayloadDto	No	-	DingTalk mobile social login data, required when `connection` is `dingtalk`.
githubPayload	SignInByGithubPayloadDto	No	-	Github mobile social login data, required when `connection` is `github`.
giteePayload	SignInByGiteePayloadDto	No	-	Gitee mobile social login data, required when `connection` is `gitee`.
gitlabPayload	SignInByGitlabPayloadDto	No	-	GitLab mobile social login data, required when `connection` is `gitlab`.
douyinPayload	SignInByDouyinPayloadDto	No	-	Douyin mobile social login data, required when `connection` is `douyin`.
kuaishouPayload	SignInByKuaishouPayloadDto	No	-	Kuaishou mobile social login data, required when `connection` is `kuaishou`.
xiaomiPayload	SignInByXiaomiPayloadDto	No	-	Xiaomi mobile social login data, required when `connection` is `xiaomi`.
linePayload	SignInByLinePayloadDto	No	-	LINE mobile social login data, required when `connection` is `line`.
slackPayload	SignInBySlackPayloadDto	No	-	Slack mobile social login data, required when `connection` is `slack`.
oppoPayload	SignInByOPPOPayloadDto	No	-	OPPO mobile social login data, required when `connection` is `oppo`.
huaweiPayload	SignInByHuaweiPayloadDto	No	-	Huawei mobile social login data, required when `connection` is `huawei`.
amazonPayload	SignInByAmazonPayloadDto	No	-	Amazon mobile social login data, required when `connection` is `amazon`.
options	SignInByMobileOptionsDto	No	-	Optional parameters
client_id	string	No	-	Application ID. Required when the "Exchange token authentication method" of the application is configured as `client_secret_post`.	`6342b8537axxxx047d314109`
client_secret	string	No	-	Application secret key. Required when the "Exchange token authentication method" of the application is configured as `client_secret_post`.	`4203d30e5e915xxxxxx26c31c9adce68`

¶ Request response

Type: LoginTokenRespDto

Name	Type	Description
statusCode	number	Business status code, which can be used to determine whether the operation is successful. 200 means success.
message	string	Description
apiCode	number	Segmented error code, which can be used to get the specific error type (successful request does not return). For a detailed list of error codes, see: API Code List (opens new window)
requestId	string	Request ID. Returned when the request fails.
data	LoginTokenResponseDataDto	Response data

Sample result:

{
  "statusCode": 200,
  "message": "Success",
  "requestId": "934108e5-9fbf-4d24-8da1-c330328abd6c",
  "data": {
    "scope": "openid profile",
    "access_token": "eyJhbGciOiJSxxxxx",
    "id_token": "eyJhbGxxxx",
    "refresh_token": "WPsGJbvpBjqXz6IJIr1UHKyrdVF",
    "token_type": "bearer",
    "expire_in": 7200
  }
}

¶ Data structure

¶ SignInByWechatPayloadDto

Name	Type	Is it required?	Description	Sample value
code	string	No	One-time temporary code returned by WeChat mobile social login	`1660291866076`

¶ SignInByApplePayloadDto

Name	Type	Is it required?	Description	Sample value
code	string	No	One-time temporary code returned by social login on Apple mobile terminal	`1660291866076`

¶ SignInByAlipayPayloadDto

Name	Type	Is it required	Description	Sample value
code	string	No	One-time temporary code returned by social login on Alipay mobile terminal	`1660291866076`

¶ SignInByWechatworkDto

Name	Type	Is it required?	Description	Sample value
code	string	No	One-time temporary code returned by social login on WeChat mobile terminal	`1660291866076`

¶ SignInByWechatworkAgencyPayloadDto

Name	Type	Is it required?	Description	Sample value
code	string	No	One-time temporary code returned by social login on mobile terminal of WeChat for Enterprise (development mode)	`1660291866076`

¶ SignInByLarkPublicPayloadDto

Name	Type	Is it required	Description	Sample value
code	string	No	One-time temporary code returned by social login on mobile terminal of Feishu App Store	`1660291866076`

¶ SignInByLarkInternalPayloadDto

Name	Type	Is it required?	Description	Sample value
code	string	No	One-time temporary code returned by social login of self-built mobile app of Feishu	`1660291866076`

¶ SignInByLarkBlockPayloadDto

Name	Type	Is it required?	Description	Sample value
code	string	No	One-time temporary code returned by social login of Lark widget	`1660291866076`

¶ SignInByYidunPayloadDto

Name	Type	Is it required?	Description	Sample value
token	string	No	NetEase Yidun token	`1660291866076`
accessToken	string	No	NetEase Yidun operator authorization code	`1660291866076`

¶ SignInByWechatMiniProgramCodePayloadDto

Name	Type	Is it required?	Description
encryptedData	string	No	Get the encrypted data (encryptedData) returned by WeChat open data
iv	string	No	Symmetric decryption algorithm initial vector, returned by WeChat
code	string	Yes	User `code` returned by `wx.login` interface

¶ SignInByWechatMiniProgramPhonePayloadDto

Name	Type	Is it required	Description
encryptedData	string	yes	Get the encrypted data (encryptedData) returned by WeChat open data
iv	string	yes	Symmetric decryption algorithm initial vector, returned by WeChat
code	string	yes	User `code` returned by `wx.login` interface

¶ SignInByWechatMiniProgramCodeAndPhonePayloadDto

Name	Type	Is it required	Description	Sample value
wxLoginInfo	Yes	Data related to WeChat Mini Program login using code, required Nested type: SignInByWechatMiniProgramCodePayloadDto.
wxPhoneInfo	Yes	Required, WeChat Mini Program user authorization to use mobile phone number to log in related data. If a new user registers to the user pool, the mobile phone number will be updated to the user information synchronously; if the user in the user pool already exists, if the user has not bound a mobile phone number and the mobile phone number authorized by the mini program has not been bound, the mobile phone number will be updated to the user information. Nested type: SignInByWechatMiniProgramPhoneInfoPayloadDto.

¶ SignInByWechatMiniProgramPhoneInfoPayloadDto

Name	Type	Is it required?	Description	Sample value
code	string	Yes	`code` returned by the applet when getting the user's mobile phone number

¶ SignInByGooglePayloadDto

Name	Type	Is it required?	Description	Example value
code	string	is	the code obtained by Google mobile social login

¶ SignInByFacebookPayloadDto

Name	Type	Is it required?	Description	Sample value
access_token	string	Yes	Access_token obtained by Facebook mobile social login

¶ SignInByQQPayloadDto

Name	Type	Is it required?	Description	Sample value
access_token	string	Yes	QQ Access_token obtained by social login on mobile

¶ SignInByWeiboPayloadDto

Name	Type	Is it required?	Description	Sample value
access_token	string	Yes	Access_token obtained by social login on Sina Weibo mobile

¶ SignInByBaiduPayloadDto

Name	Type	Is it required?	Description	Sample value
code	string	No	The authorization code `code` obtained by Baidu mobile social login. Or the attribute `access_token`. If both are not empty, the authorization code `code` parameter is used first.
access_token	string	No	The authorization access credential `access_token` obtained by Baidu mobile social login. Or the attribute `code`. If both are not empty, the authorization code `code` parameter is used first.

¶ SignInByLinkedInPayloadDto

Name	Type	Is it required?	Description	Sample value
code	string	Yes	The code obtained by LinkedIn mobile social login

¶ SignInByDingTalkPayloadDto

Name	Type	Is it required?	Description	Sample value
code	string	yes	The code obtained by social login on DingTalk mobile terminal
isSnsCode	boolean	no	If the `code` obtained by social login on DingTalk mobile terminal needs to call the `sns/getuserinfo_bycode` interface to obtain the personal information of the authorized user, the parameter `isSnsCode` is passed `true`, otherwise `code` will be exchanged for `accessToken` to obtain the user information

¶ SignInByGithubPayloadDto

Name	Type	Is it required?	Description	Sample value
code	string	Yes	Authorization code `code` obtained by Github mobile social login

¶ SignInByGiteePayloadDto

Name	Type	Is it required?	Description	Sample value
code	string	Yes	Gitee Authorization code `code` obtained by social login on mobile

¶ SignInByGitlabPayloadDto

Name	Type	Is it required	Description	Sample value
code	string	Yes	Authorization code `code` obtained by social login on mobile GitLab

¶ SignInByDouyinPayloadDto

Name	Type	Is it required	Description	Sample value
code	string	Yes	Authorization code `code` obtained by social login on Douyin mobile terminal

¶ SignInByKuaishouPayloadDto

Name	Type	Is it required	Description	Sample value
code	string	Yes	Authorization code `code` obtained by social login on Kuaishou mobile terminal

¶ SignInByXiaomiPayloadDto

Name	Type	Is it required?	Description	Sample value
code	string	Yes	Authorization code `code` obtained by Xiaomi mobile social login

¶ SignInByLinePayloadDto

Name	Type	Is it required?	Description	Sample value
access_token	string	Yes	`access_token` obtained by LINE mobile social login
id_token	string	No	`id_token` obtained by LINE mobile social login, requires `openid` permission, will obtain user information based on `id_token`, otherwise obtain user information based on `access_token`

¶ SignInBySlackPayloadDto

Name	Type	Is it required?	Description	Sample value
code	string	Yes	Slack mobile social login obtained authorization code `code`

¶ SignInByOPPOPayloadDto

Name	Type	Is it required?	Description	Sample value
code	string	Yes	OPPO mobile social login obtained authorization code `code`

¶ SignInByHuaweiPayloadDto

Name	Type	Is it required?	Description	Sample value
code	string	Yes	Authorization code `code` obtained by Huawei mobile social login

¶ SignInByAmazonPayloadDto

Name	Type	Is it required?	Description	Sample value
access_token	string	Yes	The access token `access_token` obtained by Amazon mobile social login

¶ SignInByMobileOptionsDto

| Name | Type |

Required

Description

Sample value

| | ---------- | ------ | -------------------------------------- | ---------------------------- ...
- profile: Returns birthdate, family_name, gender, given_name, locale, middle_name, name, nickname, picture, preferred_username, profile, updated_at, website, zoneinfo fields.
- username: Returns username.
- email: Returns email, email_verified.
- phone: Returns phone_number, phone_number_verified.
- offline_access: If this parameter exists, the token interface will return the refresh_token field.
- roles: Returns the user's role list.
- external_id: The user's user ID in the original system.
- extended_fields: Returns the user's extended field information, the content is an object, the key is the extended field name, and the value is the extended field value.
- tenant_id: Returns the user's tenant ID.
| openid profile | | context | object | No | Additional request context that will be passed to the context object of the Pipeline before and after authentication. Learn how to get additional context passed in the context parameter of the Pipeline](https://docs.genauth.ai/guides/pipeline/context-object.html). | {"source":"utm"} | | tenantId | string | No | Tenant ID | 625783d629f2bd1f5ddddd98c | | customData | object | No | To set additional user custom data, you need to configure custom data in the GenAuth console first. | {"school":"pku","age":"20"} |

¶ LoginTokenResponseDataDto

Name	Type	Is it required?	Description	Sample value
scope	string	No	Scope corresponding to access_token	`openid profile`
access_token	string	No	API call credentials, authorized to access resource API within a limited time	`eyJhbGciOiJSxxxxx`
id_token	string	No	User's identity credentials, which will contain user information after parsing	`eyJhbGxxxx`
refresh_token	string	No	refresh_token is used to obtain a new AccessToken	`WPsGJbvpBjqXz6IJIr1UHKyrdVF`
token_type	string	yes	token type	`bearer`
expire_in	number	yes	expiration time in seconds	`7200`

Previous article: Login with User Credentials Next article: Get Alipay AuthInfo

¶ Use mobile social login