Social Signup

How to sign up a user with a ‘Social’ account through the CoSync REST API

This function signs up a user to the CoSync Auth service using a social account token. Currently, the CoSync Auth system supports both Apple ID and Google Gmail social login protocols. The function receives the social token from the social login provider and a provider string that specifies the social provider (for instance, ‘apple’ or ‘google’).

This function fails and returns internal code 604 if the metaData requirements are not met.

The metaData is structured JSON data that is passed to the CoSync Auth service at the time of signup. If the signup is successful and a new user is created, the metaData is saved in the metaData of the user. This mechanism allows a new user to pass information like signup coupon codes. Typically the social provider supplies information that can be used to build the metaData, such as the user’s first and last names, along with the user’s email for the handle parameter.

If successful, this function returns the jwt and access-token for the newly signed-up user. The socialSignup function will not succeed if a user email account has previously been established for the ‘email’ provider or if an account with an alternative social provider already exists for the same email.

The usual process for managing a social sign-in button (Apple or Google) involves initially attempting a socialLogin. If that fails due to the non-existence of the account, the next step is to fall back to a socialSignup call.

This function can be passed an optional locale parameter, which specifies the user’s locale.

URL
    /api/appuser/socialSignup
Method
    POST
Headers
    app-token: "<App Token>"
Data Parameter
    {
        token: "<social token>",
        provider: "<social provider ('apple' or 'google')>",
        handle: "<user handle>",
        metaData: "<JSON string of user meta data>",
        locale: "<locale for user>"
    }

Response:

Success:
StatusCode:
    200 (OK)
Contents:
    {
        jwt: "<JWT for logged in user>",
        access-token: "<access token for user>"
    }
Error:
StatusCode:
    400 (BAD REQUEST)
    500 (INTERNAL SERVER ERROR)
Content:
    {
        code: "<internal error code>",
        message: "<readable error description>"
    }

The internal codes are integers:

  • 400 - invalid app token
  • 401 - app no longer exists
  • 402 - app is suspended
  • 403 - missing parameter
  • 404 - user account is suspended
  • 407 - app does not support signup
  • 413 - app is migrated
  • 415 - app does not support Apple login
  • 416 - app does not support Google login
  • 500 - internal server error
  • 601 - handle already registered
  • 602 - secondary already registered
  • 604 - invalid metadata
  • 609 - invalid locale
  • 611 - apple account already exist
  • 612 - google account already exist
  • 613 - token is invalid
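
The request and response handling described above, as an added example that is not CoSync's own client code. The function names, the grouping of internal codes into next steps, and the JSON content type are assumptions of this example; the endpoint, header, parameters and codes come from this page.

```python
import json

SIGNUP_PATH = "/api/appuser/socialSignup"  # endpoint from the page
PROVIDERS = ("apple", "google")            # providers the page lists

# Internal codes from the page, grouped by next client step (grouping is assumed).
NEXT_STEP = {
    601: "account_exists", 611: "account_exists", 612: "account_exists",
    613: "reauthenticate",
    403: "fix_input", 604: "fix_input", 609: "fix_input",
}


def build_signup_request(app_token, social_token, provider, handle,
                         meta_data, locale=None):
    """Return (path, headers, body_bytes) for the POST described above."""
    if provider not in PROVIDERS:
        raise ValueError("provider must be 'apple' or 'google'")
    body = {
        "token": social_token,
        "provider": provider,
        "handle": handle,
        # metaData is a JSON string per the page, so it is serialized separately.
        "metaData": json.dumps(meta_data),
    }
    if locale is not None:  # locale is optional
        body["locale"] = locale
    # Assumption: the body is sent as JSON; the page does not name a content type.
    headers = {"app-token": app_token, "Content-Type": "application/json"}
    return SIGNUP_PATH, headers, json.dumps(body).encode("utf-8")


def interpret_response(status, body_bytes):
    """Map status and body to (outcome, detail); never echoes the raw body."""
    try:
        data = json.loads(body_bytes)
    except ValueError:
        data = None
    if not isinstance(data, dict):
        return "error", {"code": None}
    if status == 200:
        if data.get("jwt") and data.get("access-token"):
            return "signed_up", {k: data[k] for k in ("jwt", "access-token")}
        return "error", {"code": None}
    try:
        code = int(data.get("code"))  # accept 604 or "604"
    except (TypeError, ValueError):
        return "error", {"code": None}
    return NEXT_STEP.get(code, "error"), {"code": code}
```

An "account_exists" outcome is the point at which a client would switch to the login path, and "reauthenticate" means obtaining a fresh token from the social provider before retrying.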