Janrain Social API Documentation

Social Login Endpoints Overview

Social Login Endpoints

These endpoints focus on the mechanics of the login process including authentication, app settings, identity providers, and social profile data.

Social Sharing Endpoints

These endpoints focus on Social Sharing tasks, including getting/setting an app's sharing providers, returning the number of a times a given URL has been shared, and sharing activity information with a provider or specified recipients on a provider's network.

App Whitelist Endpoints

These endpoints query and change domains for an application's whitelist.

Backplane Server Endpoints

These endpoints query and configure the Backplane server (used to communicate with all of the Backplane-enabled apps on a page).

Account Mapping Endpoints

These endpoints query and change Social Login account mappings (the associations between a conventional user account and all of a user's social identities).

Social Login Error Codes

If an irrecoverable error occurs during the API call, Janrain will return an error response with a code and a message.

Error Code Description
-1 Service Temporarily Unavailable.
0 Missing parameter. Required parameter was not provided.
1 Invalid parameter. Provided parameter was in the wrong format.
1 Could not determine CNAME for custom domain. CNAME for the custom domain is not set in the Engage DB.
1 Supplied domain not found in partner domain whitelist. Custom domain is not in the Engage DB.
1 Invalid realm. This can mean several things: name is too long or too short, realm is too long or contains invalid characters, or the realm or custom domain is already taken by another application.
1 Invalid parameter: {parameter}. The provided parameter is the wrong format.
1 Invalid provider: {provider name}. One of the providers in the provided list is not valid.
1 {provider name} not configured. This provider must be configured before use.
1 Setting permissions not supported for this provider. Provider is invalid or does not have permissions that can be set.
1 Permission does not exist: {permission name}. One of the permissions in the provided list is not valid.
1 Permission not supported for this provider: {permission name}. One of the permissions in the provided list does not exist for this provider.
1 Permission can not be set: {permission name}. One of the permissions in the provided list cannot be set because of the application’s tier (basic, pro, and so on).
2 Data not found.
3 Authentication error.
3 Invalid partnerKey. Provided partner key does not exist.
3 Invalid apiKey. Provided API key does not exist.
4 Facebook error.
5 Mapping exists.
6 Error interacting with a previously-operational provider.
7 Engage account upgrade needed to access this API.
8 Missing third-party credentials for this identifier.
9 Third-party credentials have been revoked.
10 Your application is not properly configured.
11 The provider or identifier does not support this feature.
12 Google error.
13 Twitter error.
14 LinkedIn error.
15 LiveId error.
16 MySpace error.
17 Yahoo error.
18 Domain already exists.
19 App ID not found.

Endpoints

https://{domain}/api/v2

URI Parameters

domain string required

The social application domain name.

Example: rpxnow.com

/add_domain_patterns

Description

Use the add_domain_patterns call to append domains to the current whitelist for an application.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

curl -X POST \
    --data-urlencode apiKey=1234567891234567891234567891234567891234 \
    --data-urlencode domains='localhost, somewhere.com, *.examples.com' \
    https://rpxnow.com/api/v2/add_domain_patterns
Example Response
{
  "stat": "ok"
}

Query Parameters

apiKey string required

Your Social Login apiKey, which you can find on the Janrain Dashboard.

domains string required

A comma-separated list of domains that will be used as a whitelist for the website.

format string

The format in which you want the response: either xml or json. If not specified, the response defaults to json.

/add_or_update_access_token

Description

Adds or updates an OAuth access_token for a user outside the usual login flow.

When a user logs in with an OAuth1 or OAuth2 Identity Provider, Janrain will request an OAuth token from the provider. This OAuth token is used when making subsequent API calls to the provider. The add_or_update_access_token call adds a token retrieved using a different method to Janrain.

Possible Use Cases:

  • If you are migrating an existing application to Social Login or have otherwise acquired an OAuth token for a user outside of Janrain, you may wish to pass that token to in in order to make Janrain RESTful API calls for that user.
  • Data is needed for a user that has never registered using Social Login before. The user’s ID and access token are recorded, making it possible to use the get_user_data endpoint.

Only these identity providers support this call:

  • Facebook
  • RenRen
  • Soundcloud
  • Foursquare

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

curl -X POST \
    --data-urlencode apiKey=1234567891234567891234567891234567891234 \
    --data-urlencode access_token=123456789123456789 \
    --data-urlencode identifier=https://www.google.com/profiles/123456789123456789123 \
    https://your-domain.rpxnow.com/api/v2/add_or_update_access_token
Example Response
{
  "stat": "ok"
}

Query Parameters

apiKey string required

Your Social Login apiKey, which you can find on the Janrain Dashboard.

format string

The format in which you want the response: either xml or json. If not specified, the response defaults to json.

identifier string required

The identifier associated with the provider.

This needs to to be formatted as a URL with profile number. For example:

https://www.google.com/profiles/123456789123456789123
token string required

The access_token to grant to the user. These tokens need to be requested from the individual Identity Provider according to their particular API.

/all_mappings

Description

The all_mappings call returns all of the stored mappings of an application, which is identified using the application’s apiKey. These mappings associate users with multiple identity provider accounts using a primary key.

Note: The mapping API lets sites store each of the user’s external identifiers along with the primary key of the site’s user/account record on the Janrain server. They are then included on every call to auth_info where the social identifier has been previously mapped.

Read the Account Mapping overview topic to learn more.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

curl -X POST \
    --data-urlencode apiKey=1234567891234567891234567891234567891234 \
    https://rpxnow.com/api/v2/all_mappings
Example Response
{
  "mappings": {
    "1": [
      "http:/www.example.com/"
    ],
    "2": [
      "http://examples.com/",
      "http://larry.example.com/"
    ]
  },
  "stat": "ok"
}

Query Parameters

apiKey string required

Your Social Login apiKey, which you can find on the Janrain Dashboard.

format string

The format in which you want the response: either xml or json. If not specified, the response defaults to json.

/auth_info

Description

This call is used to authenticate Social Login users. You must use https to make this call.

During the authentication process, the auth_info call is used to retrieve the profile information of the user. Using the apiKey of the application, and the one time token provided by Social Login, it returns the requested data from the Identity Provider.

Examples of auth_info responses by provider are available in the auth_info Overview topic.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

Portable Contacts Format

The Portable Contacts Format is industry standard. You can find the details at:

accessCredentials Fields

The list below shows the fields returned by accessCredentials, listed by Provider.

  • AmazonaccessToken, uid, expires, refreshToken, scopes
  • DisqusaccessToken, uuid, expires, refreshToken, type
  • FacebookaccessToken, expires, uid, type
  • Flickr, MySpace, Yahoo!oauthToken, oauthSessionHandle, oauthTokenSecret, type
  • GoogleoauthToken, oauthTokenSecret, scopes, type
  • Google+accessToken, uid, expires, scopes, type
  • InstagramaccessToken, uid, scopes, type
  • LinkedIn, Orkut, TwitteroauthToken, oauthTokenSecret, type
  • MixiaccessToken, refreshToken, expires, scopes
  • MYDIGIPASS.COMaccessToken, uid, type
  • PayPaluid
  • QQaccessToken, uid, scopes, type
  • Ren Rentype, oauthToken, uid, expires
  • Sound Cloud, Sina Weibotype, oauthToken, uid
  • tumblroauthToken, oauthTokenSecret, uid, type
  • VKaccessToken, uuid, expires, scopes, types
  • Microsoft Accounteact, type
  • XingoauthToken, oauthTokenSecret, uid, type

Provider Fields

The list below shows the fields returned by provider, listed by Provider.

  • Facebookalbums, games, groups, videos
  • Foursquaretype, pings, relationship
  • LinkedInassociations, patents, numRecommenders, industry, following, courses, certifications, publications, positions, jobBookmarks, honors, groupMemberships, mFeedRssUrl, skills, proposalComments, recommendations, volunteer
  • Mixioccupation, bloodType, favoriteThigns
  • PaypalverifiedAccount
  • SalesForcelocal, userType, active

post

Description

Example Request

curl -X POST \
    --data-urlencode apiKey=1234567891234567891234567891234567891234 \
    --data-urlencode token=a1b2c3d4e5f6g7h8i9j0 \
    --data-urlencode extended=false \
    --data-urlencode tokenUrl=https://example.com/token_url \
    https://rpxnow.com/api/v2/auth_info
Example Response
{
  "profile": {
    "name": {
      "givenName": "Sam",
      "familyName": "Knot",
      "formatted": "Sam Knot"
    },
    "verifiedEmail": "sam@example.com",
    "googleUserId": "123456789123456789123",
    "displayName": "sam",
    "preferredUsername": "sam",
    "url": "https://www.google.com/profiles/123456789123456789123",
    "providerName": "Google",
    "identifier": "https://www.google.com/profiles/123456789123456789123",
    "email": "sam@example.com"
  },
  "accessCredentials": {
    "scopes": "Blogger,Google Buzz,Google Contacts,YouTube,Picasa Web Albums,Google Calendar,Google Docs",
    "oauthToken": "1/1234567891234567891234567891234567891234567",
    "type": "OAuth",
    "oauthTokenSecret": "123456789123456789123456"
  },
  "merged_poco": {
    "urls": [
      {
        "type": "other",
        "value": "https://www.google.com/profiles/123456789123456789123"
      }
    ],
    "preferredUsername": "Sam",
    "name": {
      "formatted": "Sam Knot",
      "familyName": "Knot",
      "givenName": "Sam"
    },
    "languagesSpoken": [
      "en"
    ],
    "emails": [
      {
        "type": "other",
        "value": "sam@example.com"
      }
    ]
  },
  "stat": "ok"
}

Query Parameters

apiKey string required

Your Social Login apiKey, which you can find on the Janrain Dashboard.

extended string

Must be either true or false,false is the default. Returns the extended Simple Registration and HCard data in addition to the normalized Portable Contacts format. Ignored unless the application has a Pro or Enterprise service level.

format string

The format in which you want the response: either xml or json. If not specified, the response defaults to json.

token string required

The Social Login auth_info token.

tokenUrl string

Validate the specified tokenURL value against the tokenURL that was originally sent. See the 'Token URL mismatch' response example below for more details.

Responses

200 OK

Response Fields

Field Type Description
profile dictionary

A dictionary of fields forming the user’s profile. This data may have been obtained through SREG, HCard, but is represented in the standard Portable Contacts schema.

accessCredentials dictionary

If the user logged in with a provider that allows account access after authentication, this will be present and contain the user’s authorization credentials. The fields returned differ by provider and are referenced in the “accessCredentials Fields” section at the top of this page.

merged_poco dictionary

Merged Portable Contacts data will be present here if the extended request argument was true and extended profile data were available.

friends array

The user’s friends’ identifiers will be present here if the extended request argument was true and friends data is available.

following array

Supported by Twitter, Sound Cloud, and Sina Weibo only. The people whom the user is following will be present here if the extended request argument was true.

followers array

Supported by Twitter, Sound Cloud, and Sina Weibo only. The people who follow the user will be present here if the extended request argument was true.

friendships array

Supported by Twitter, Sound Cloud, and Sina Weibo only. People who are both following and followers will be present here if the extended request argument was true.

/get_app_settings

Description

Enables you to make API calls to get the following application properties (from the application settings page of the dashboard).

  • privacy policy — This URL is sent with requests for registration data and is displayed by the identity provider as a link to the user.
  • favicon — The URL of your favicon, which can be displayed by some identity providers during authentication.
  • domain redirect — This feature is only available for enterprise level apps and apps owned by Janrain’s partners. A URL redirect destination for users visiting your sign-in url (such as, http://foobar-signin.rpxnow.com).
  • post tokens to token_url — Use the POST method of HTTP requests to submit auth_info tokens to your token URL.
  • one-time use auth_info tokens — Tokens for the auth_info API call can be used only once.
  • google profile url — Return users’ globally unique Google profile URLs as the identifier element in the auth_info API call response instead of the OpenID URL.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

curl -X POST \
    --data-urlencode apiKey=1234567891234567891234567891234567891234 \
    https://your-domain.rpxnow.com/api/v2/get_app_settings
Example Response
{
  "stat": "ok",
  "privacyPolicy": null,
  "favicon": null,
  "domainRedirect": null,
  "postToTokenUrl": true,
  "oneTimeUseTokens": true,
  "googleProfileUrl": true
}

Query Parameters

apiKey string required

Your Social Login apiKey, which you can find on the Janrain Dashboard.

format string

The format in which you want the response: either xml or json. If not specified, the response defaults to json.

/get_available_providers

Description

Returns a list of configured providers for an application. The providers call is similar, but only returns providers configured for an application. This call is used if you are using custom code for Social Login instead of using the Janrain JavaScript implementation.

There are no required parameters or authentication to use for get_available_providers.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

curl -X POST \
    https://your-domain.com/api/v2/get_available_providers
Example Response
{
  "stat": "ok",
  "signin": [
    "aol",
    "blogger",
    "facebook",
    "flickr",
    "google",
    "hyves",
    "livejournal",
    "myopenid",
    "netlog",
    "openid",
    "verisign",
    "wordpress",
    "yahoo"
  ],
  "social": [
    "facebook",
    "yahoo"
  ],
  "share": [
    "facebook",
    "yahoo"
  ]
}

Query Parameters

callback string

Specifies the return of a JSONP-formatted response. The format parameter will be ignored if callback is present.

format string

The format in which you want the response: either xml or json. If not specified, the response defaults to json.

/get_backplane_properties

Description

Use this call for Backplane Protocol enabled Janrain solutions only. For more information on updating web elements with the Backplane Protocol, please read the Backplane Protocol page.

The get_backplane_properties call queries the Backplane server to verify that Backplane credentials have been set up. If the proper credentials are in place, details are returned. If not, no details are returned.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

curl -X POST \
    --data-urlencode apiKey=1234567891234567891234567891234567891234 \
    https://rpxnow.com/api/v2/get_backplane_properties
Example Response
{
  "stat": "ok",
  "backplane_servers": []
}

Query Parameters

apiKey string required

Your Social Login apiKey, which you can find on the Janrain Dashboard.

format string

The format in which you want the response: either xml or json. If not specified, the response defaults to json.

/get_contacts

Description

The get_contacts call uses the apiKey and identifier to return a list of all the contacts related to the user. The data returned and type of relationship differs between Identity Providers.

The Identity Providers that support this call are:

  • Facebook — Only for apps created before April 30th, 2014. Apps created after this date do not have access to get_contacts. Please refer to this support notification for more information.
  • Google — Deprecated
  • Google+ — Does not support friendships, followers, or friends. Does support addressBook and following
  • Twitter — Does not support friends. Does support followers, following, and friendships. See get_contacts Response for more details.
  • Yahoo!
  • LinkedIn — r_network permission is required to use get_contacts.
  • Windows Live
  • Salesforce
  • Disqus
  • Mixi
  • Myspace
  • Sina Weibo
  • RenRen
  • Soundcloud
  • Tencent Weibo
  • Tumblr
  • VK — Does not support friendships. Does support friends, followers, and following. See get_contacts Response for more details.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

curl -X POST \
    --data-urlencode apiKey=1234567891234567891234567891234567891234 \
    --data-urlencode identifier=0987098709870987 \
    --data-urlencode contactType=friends \
    https://rpxnow.com/api/v2/get_contacts
Example Response
{
  "response": {
    "startIndex": 1,
    "entry": [
      {
        "emails": [
          {
            "type": "other",
            "value": "bob@example.com"
          }
        ],
        "displayName": "Bob Johnson"
      },
      {
        "emails": [
          {
            "type": "other",
            "value": "cindy.smith@example.com"
          }
        ],
        "displayName": "Cindy Smith"
      },
      {
        "emails": [
          {
            "type": "other",
            "value": "fred.williams@example.com"
          }
        ],
        "displayName": "Fred Williams"
      },
      {
        "emails": [
          {
            "type": "other",
            "value": "j.lewis@example.com"
          }
        ]
      },
      {
        "emails": [
          {
            "type": "other",
            "value": "mary.jones@example.com"
          }
        ],
        "displayName": "Mary Jones"
      },
      {
        "emails": [
          {
            "type": "other",
            "value": "p.green@example.com"
          }
        ],
        "displayName": "Patricia Green"
      }
    ],
    "itemsPerPage": 5,
    "totalResults": 5
  },
  "stat": "ok"
}

Query Parameters

apiKey string required

Your Social Login apiKey, which you can find on the Janrain Dashboard.

contactType string

Specify friends to return identifiers for every friend of the user. If you do not specify a value, friends will be returned if available.

Twitter does not support the friends contactType. Instead specify followers, following, or friendships. If you do not specify a value, following will be returned.

  • followers – the people following the user.
  • following – the people the user is currently following. For Google+ this includes the users “circles.”
  • friendships – The people for whom followers and following are both true.
  • addressBook – this value is for Google+ only, it gets the user’s whole address book.

Note: VK supports followers and following, but not friendships. No other providers support any of these values, and will return an error.

existingUser string

Values are true and false. If true returns a value that identifies if a user has previously authenticated with the Janrain application before.

format string

The format in which you want the response: either xml or json. If not specified, the response defaults to json.

identifier string required

The identifier returned from the auth_info API call.

The application must be configured to request this information in the Provider Configuration screen. In addition, the visitor must approve this request during sign-in. The auth_info accessCredentials section includes an expiration time for the permissions that enable get_contacts. This call must be made before the expiration time.

providerFields string

Supported by facebook, linkedin, mixi, salesforce, vk and xing. This parameter is ignored for unsupported providers.

Define a comma-separated list of provider specific profile fields to return the associated data.

Note: No validation is performed. Passing the wrong field names might result in an error. Consult the provider’s documentation for valid profile fields.

Responses

200 OK

Response Fields

Field Type Description
response array

User Profile data representing the address book contents for the identifier.

/get_domain_patterns

Description

Use this call to return a list of all domains currently whitelisted for an application.

post

Description

Example Request

curl -X POST \
    --data-urlencode apiKey=1234567891234567891234567891234567891234 \
    https://rpxnow.com/api/v2/get_domain_patterns
Example Response
{
  "stat": "ok",
  "domains" : ["localhost", "somewhere.com", "*.example.com"]
}

Query Parameters

apiKey string required

Your Social Login apiKey, which you can find on the Janrain Dashboard.

domains string required

A comma-separated list of domains that will be used as a whitelist for the website.

format string

The format in which you want the response: either xml or json. If not specified, the response defaults to json.

/get_share_count

Description

Returns the number of a times a given URL has been shared.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

curl -X POST \
    --data-urlencode apiKey=1234567891234567891234567891234567891234 \
    --data-urlencode url=http://example.com/pinboard \
    https://my-engage-domain.com/api/v2/get_share_count

Query Parameters

apiKey string

Your Social Login apiKey, which you can find on the Janrain Dashboard.

callback string

When a value is added, returns data in JSONP format.

format string

The format in which you want the response: either xml or json. If not specified, the response defaults to json.

provider string

Values is an identity provider. When specified, returns a share count specific to that provider.

url string required

The URL that was shared.

/get_share_providers

Description

Note: This API call works only with the current Sharing solution.

It returns a list of email and sharing providers configured for the application. This call has no required parameters; it identifies the proper application by the realm prefacing the URL path.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

curl -X POST \
    https://my-engage-domain.com/api/v2/get_share_providers
Example Response
{
  "email": [
    "google",
    "yahoo"
  ],
  "share": [
    "email",
    "linkedin"
  ],
  "stat": "ok"
}

Query Parameters

callback string

Specifies the return of a JSONP-formatted response. The format parameter will be ignored if callback is present.

format string

The format in which you want the response: either xml or json. If not specified, the response defaults to json.

/get_user_data

Description

Note: Certain tiers may not have access to this feature.

Use the get_user_data call to obtain an up-to-date copy of a user’s profile as previously returned by an auth_info API call.

Warning: It is possible that the access token will expire prematurely if the user deauthorizes the customer’s application or if they change their password. Your implementation of this call should take this into account.

This feature is supported for identifiers from the following providers:

  • Facebook
  • Microsoft Account
  • Yahoo!
  • Twitter
  • MySpace
  • LinkedIn
  • Renren
  • Sina Weibo
  • SoundCloud

Note: Each provider has different expiration times. This call must be made in the lifespan of the access token. Check with your provider for their default token expiration.

Provider specific data is the same as returned by auth_info.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

This method's response is identical to that of the auth_info API call.

curl -X POST \
    --data-urlencode apiKey=1234567891234567891234567891234567891234 \
    --data-urlencode identifier=http://www.facebook.com/profile.php?id=1234567898765432 \
    https://rpxnow.com/api/v2/get_user_data
Example Response
{
  "profile": {
    "name": {
      "givenName": "Sam",
      "familyName": "Knot",
      "formatted": "Sam Knot"
    },
    "verifiedEmail": "sam@example.com",
    "googleUserId": "123456789123456789123",
    "displayName": "sam",
    "preferredUsername": "sam",
    "url": "https://www.google.com/profiles/123456789123456789123",
    "providerName": "Google",
    "identifier": "https://www.google.com/profiles/123456789123456789123",
    "email": "sam@example.com"
  },
  "accessCredentials": {
    "scopes": "Blogger,Google Buzz,Google Contacts,YouTube,Picasa Web Albums,Google Calendar,Google Docs",
    "oauthToken": "1/1234567891234567891234567891234567891234567",
    "type": "OAuth",
    "oauthTokenSecret": "123456789123456789123456"
  },
  "merged_poco": {
    "urls": [
      {
        "type": "other",
        "value": "https://www.google.com/profiles/123456789123456789123"
      }
    ],
    "preferredUsername": "Sam",
    "name": {
      "formatted": "Sam Knot",
      "familyName": "Knot",
      "givenName": "Sam"
    },
    "languagesSpoken": [
      "en"
    ],
    "emails": [
      {
        "type": "other",
        "value": "sam@example.com"
      }
    ]
  },
  "stat": "ok"
}

Query Parameters

apiKey string required

Your Social Login apiKey, which you can find on the Janrain Dashboard.

extended string

Must be true or false. false is the default. Returns the extended Simple Registration and HCard data in addition to the normalized Portable Contacts format.

format string

The format in which you want the response: either xml or json. If not specified, the response defaults to json.

identifier string required

The identifier returned from a previous auth_info API call. The identifier is usually a URL.

/map

Description

Use the map to associate a primary key with a user’s social identity.

Note: The mapping API lets sites store each of the user’s external identifiers along with the primary key of the site’s user/account record on the Janrain server. They are then included on every call to auth_info where the social identifier has been previously mapped.

Read the Account Mapping overview topic to learn more.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

curl -X POST \
    --data-urlencode apiKey=1234567891234567891234567891234567891234 \
    --data-urlencode identifier=0987098709870987 \
    --data-urlencode primaryKey=12 \
    https://rpxnow.com/api/v2/map
Example Response
{
  "stat": "ok"
}

Query Parameters

apiKey string required

Your Social Login apiKey, which you can find on the Janrain Dashboard.

format string

The format in which you want the response: either xml or json. If not specified, the response defaults to json.

identifier string required

The identifier returned from the auth_info API call.

overwrite string

Must be true (the default) or false. If false, only create the mapping if one does not already exist for the specified identifier.

primaryKey string

The primary key from your users table, as a string.

/mappings

Description

The mappings call returns all the stored Identity Providers associated with a particular user’s primary key.

Note: The mapping API lets sites store each of the user’s external identifiers along with the primary key of the site’s user/account record on the Janrain server. They are then included on every call to auth_info where the social identifier has been previously mapped.

Read the Account Mapping overview topic to learn more.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

curl -X POST \
    --data-urlencode apiKey=1234567891234567891234567891234567891234 \
    --data-urlencode primaryKey=0987098709870987 \
    https://rpxnow.com/api/v2/mappings
Example Response
{
  "stat": "ok",
  "identifiers": [
    "http://facebook.com/larry",
    "http://larrydrebes.com/"
  ]
}

Query Parameters

apiKey string required

Your Social Login apiKey, which you can find on the Janrain Dashboard.

format string

The format in which you want the response: either xml or json. If not specified, the response defaults to json.

primaryKey string required

The primary key from your users table, as a string.

/providers

Description

This call returns a list of configured sign-in or social providers configured for an application. Note: This API call does not use the apiKey to identify the application, but rather, it must be called on the application’s domain.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

curl -X POST \
    https://your-domain.com/api/v2/providers
Example Response
{
  "stat": "ok",
  "signin": [
    "aol",
    "facebook",
    "foursquare",
    "google",
    "linkedin",
    "live_id",
    "mixi",
    "openid",
    "orkut",
    "paypal",
    "salesforce",
    "sinaweibo",
    "twitter",
    "yahoo"
  ],
  "social": [
    "facebook",
    "linkedin",
    "myspace",
    "twitter"
  ],
  "shareWidget": {
    "share": [
      "email",
      "facebook",
      "linkedin",
      "myspace",
      "twitter",
      "yahoo"
    ],
    "email": [
      "google",
      "yahoo"
    ]
  }
}

Query Parameters

format string

The format in which you want the response: either xml or json. If not specified, the response defaults to json.

Responses

200 OK

Field Type Description
signin dictionary A list of configured sign-in provider names for the application.
social dictionary A list of configured social provider names for the application.
share dictionary A list of configured sharing providers.
email dictionary A list of configured sharing direct share providers.
callback dictionary Specifies the return of a JSONP-formatted response. The format parameter will be ignored if callback is present.

/set_app_settings

Description

Enables you to make API calls to set the following application properties (from the application settings page of the dashboard).

  • privacy policy — This URL is sent with requests for registration data and is displayed by the identity provider as a link to the user.
  • favicon — The URL of your favicon, which can be displayed by some identity providers during authentication.
  • domain redirect — This feature is only available for enterprise level apps and apps owned by Janrain’s partners. A URL redirect destination for users visiting your sign-in url (such as, http://foobar-signin.rpxnow.com).
  • post tokens to token_url — Use the POST method of HTTP requests to submit auth_info tokens to your token URL.
  • one-time use auth_info tokens — Tokens for the auth_info API call can be used only once.
  • google profile url — Return users’ globally unique Google profile URLs as the identifier element in the auth_info API call response instead of the OpenID URL.

Separate settings in the set_app_settings call with an ampersand (&). So the query:

privacyPolicy=https%3A%2F%2Fmysite.com%2Fprivacy&favicon=http%3A%2F%2Fmysite.com%2Ffavicon.ico&googleProfileUrl=true

sets privacyPolicy, favicon, and googleProfileUrl.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

curl -X POST \
    --data-urlencode apiKey=1234567891234567891234567891234567891234 \
    --data-urlencode privacyPolicy=https://mysite.com/privacy \
    --data-urlencode favicon=http://mysite.com/favicon.ico \
    --data-urlencode googleProfileUrl=true \
    https://your-domain.rpxnow.com/api/v2/get_app_settings
Example Response
{
  "stat": "ok"
}

Query Parameters

apiKey string required

Your Social Login apiKey, which you can find on the Janrain Dashboard.

domainRedirect string

The URL for the redirect.

favicon string

URL of your favicon.

format string required

The format in which you want the response: either xml or json. If not specified, the response defaults to json.

googleProfileUrl string

A boolean, true or false.

oneTimeUseTokens string

A boolean, true or false.

postToTokenUrl string

A boolean, true or false.

privacyPolicy string

Full URL to the location of your privacy policy.

/set_auth_providers

Description

Use set_auth_providers to define the list of identity providers provided by the Janrain server to sign-in enabled pages. This is the same list that is managed by the dashboard.

This call modifies the list of providers presented to the user.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

This method returns an empty success response if it completes without error.

curl -X POST \
    --data-urlencode apiKey=1234567891234567891234567891234567891234 \
    --data-urlencode providers='["facebook","yahoo"]' \
    https://rpxnow.com/api/v2/set_auth_providers
Example Response
{
  "stat": "ok"
}

Query Parameters

apiKey string required

Your Social Login apiKey, which you can find on the Janrain Dashboard.

device_type string

If left blank, set_auth_providers will affect the provider list for the web version of the Social Login UI.

Other values include:

  • web — changes the providers presented to normal web traffic.
  • iphone — changes the providers presented to web traffic identified as originating from an iPhone.
  • android — changes the providers presented to web traffic identified as originating from an android based mobile device.
format string

Requested response format: either xml or json. If not specified, the response defaults to json.

providers string required

A comma-separated string of provider specifiers. See Identity Providers.

/set_backplane_properties

Description

The set_backplane_properties call configures the Backplane server used to communicate with all of the Backplane enabled apps on a page. For more information on updating apps with the Backplane, please refer to the Janrain Backplane page.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

curl -X POST \
    --data-urlencode apiKey=1234567891234567891234567891234567891234 \
    --data-urlencode server=example.com \
    --data-urlencode bus=example_bus \
    --data-urlencode username=larrydrebes \
    --data-urlencode password=rosebud \
    https://rpxnow.com/api/v2/set_backplane_properties
Example Response
{
  "stat": "ok"
}

Query Parameters

apiKey string required

Your Social Login apiKey, which you can find on the Janrain Dashboard.

bus string required

The Backplane bus name.

format string

The format in which you want the response: either xml or json. If not specified, the response defaults to json.

password string required

Only required when you do not use remove. The password for the Backplane credential.

remove string

Must be true or false, false is the default. If false, add a new Backplane configuration; otherwise, remove the Backplane configuration for the specified server or bus.

server string required

The Backplane server’s domain name, such as, example.com.

username string required

Only required when you do not use remove. The user name for the Backplane credential.

version string

The Backplane server version, for example, v1.1. The default value is v1.

/set_domain_patterns

Description

Use the set_domain_patterns call to replace the current whitelist for an application.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

curl -X POST \
    --data-urlencode apiKey=1234567891234567891234567891234567891234 \
    --data-urlencode domains='["localhost", "somewhere.com", "*.example.com"]' \
    https://rpxnow.com/api/v2/set_domain_patterns
Example Response
{
  "stat": "ok"
}

Query Parameters

apiKey string required

Your Social Login apiKey, which you can find on the Janrain Dashboard.

domains string required

A comma-separated list of domains that will be used as a whitelist for the website.

format string

The format in which you want the response: either xml or json. If not specified, the response defaults to json.

/set_share_providers

Description

Use set_share_providers to define the providers offered by Social Sharing. You can set both sharing and email providers.

Note: This call overwrites the existing providers, if any.

In addition to the providers listed in the share parameter, you can enter email as well. This signifies direct sharing through email.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

curl -X POST \
    --data-urlencode apiKey=1234567891234567891234567891234567891234 \
    --data-urlencode share='email, linkedin' \
    https://rpxnow.com/api/v2/set_share_providers
Example Response
{
  "stat": "ok"
}

Query Parameters

apiKey string required

Your Social Login apiKey, which you can find on the Janrain Dashboard.

email string

Email providers to add as choices. You can leave this empty, in which case the UI will have no email provider options.

format string

The format to use in the response, either json, or xml. The default is json.

share string required

Sharing providers to add as choices. This may be left empty, in which case the UI will have no sharing provider options.

/sharing/broadcast

Description

The broadcast call shares activity information directly with a provider. The information provided in the parameters is passed along to a provider to publish on their network.

The broadcast call shares with one provider at a time, determined by the identifier or device_token that you use.

Note: Not all providers support all sharing parameters. To see which providers support what features, refer to the Sharing Support by Provider page.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

The response includes a "share" element which returns fields that were actually passed to the provider. If the provider does not support a parameter, it will not be included in the result. For example, if the customer passed in a param for "media" but the provider does not accept that parameter, it will be missing from the "share" response.

curl -X POST \
    --data-urlencode apiKey=1234567891234567891234567891234567891234 \
    --data-urlencode identifier=0987098709870987 \
    --data-urlencode message='Testing one two three' \
    --data-urlencode title='My title' \
    --data-urlencode url=http://test.com \
    --data-urlencode image=http://www.janrain.com/sites.default/themes/janrain/logo.png \
    --data-urlencode actionLink='{"name": "Example", "link": "http://www.example.com"}' \
    https://rpxnow.com/api/v2/sharing/broadcast
Example Response
{
  "provider": "facebook",
  "mode": "broadcast",
  "success": true,
  "results": [
    {
      "success": true,
      "recipientId": "me",
      "shareResultUrl": "http://wwww.facebook.com/100002302927767/posts/939384179481671",
      "share": {
        "message": "Hey come look at this amazing thing!",
        "title": "Share this!",
        "url": "http://rpx.me/QlU9l",
        "description": "Nananana na na na hey hey hey gooooood bye",
        "image": "http://www.coolmath.com/fractals/images/fractal11.gif",
        "media": "",
        "actionName": "",
        "objectName": "",
        "objectId": ""
      },
      "messageId": "100002302927767_939384179481671"
    }
  ]
}

Query Parameters

actionLink string

The link that appears below the user-generated message and content fields. In the case of Facebook, this link appears next to the Like and Comment links.

apiKey string

Your Social Login apiKey, which you can find on the Janrain Dashboard.

description string

The description of the shared content. This appears in the preview of the shared object and describes what is being shared.

device_token string

The identifier URL or device_token of the user sharing an activity. Do not use the device_token with mobile browsers.

format string

The format to be used in the response, either json, or xml. The default is json.

identifier string

The identifier URL or device_token of the user sharing an activity. Do not use the device_token with mobile browsers.

image string

An image associated with the content being shared.

media string

The Flash or video object associated with the content being shared.

message string required

Message associated with the activity being shared.

objectId string

Facebook only. Use this parameter to share to a Facebook fan page instead of the User’s wall. The value is the Object ID assigned to the fan page. See the Facebook developer documentation for more information on the Object ID.

shortenUrl string

Available to Pro and Enterprise customers only. When false, turns the automatic Janrain URL shortening service off. When true, activates URL shortening.

source string

URL of the site sharing the activity.

title string

The title given to the shared content.

url string

The URL associated to the content being shared.

/sharing/direct

Description

This API shares activity information directly with the specified recipients on a provider’s network, instead of publishing it to everyone on the network.

The direct call shares with one provider at a time, determined by the identifier or device_token you enter.

Note: Not all providers support all sharing parameters. To see which providers support what features, refer to the Sharing Support by Provider page.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

curl -X POST \
    --data-urlencode apiKey=1234567891234567891234567891234567891234 \
    --data-urlencode identifier=0987098709870987 \
    --data-urlencode recipients='["http://twitter.com/account/profileuser_id=blah75313"]' \
    --data-urlencode message='Testing one two three' \
    --data-urlencode title='My title' \
    --data-urlencode url=http://rpxme.com/foo \
    https://rpxnow.com/api/v2/sharing/direct
Example Response
{
  "stat": "ok",
  "response": {
    "provider": "twitter",
    "mode": "direct",
    "success": true,
    "recipientIds": [
      "123456789"
    ],
    "results": [
      {
        "success": true,
        "recipientId": "123456789",
        "share": {
          "message": "Testing one two three."
        },
        "messageId": "123456789123456789"
      }
    ]
  }
}

Query Parameters

actionLink string

The link that appears below the user-generated message and content fields.

apiKey string

Your Social Login apiKey, which you can find on the Janrain Dashboard.

description string

The description of the shared content. This appears in the preview of the shared object and describes what is being shared.

device_token string

The identifier URL or device_token of the user sharing an activity. Do not use the device_token with mobile browsers.

format string

The format to be used in the response, either json, or xml. The default value is json.

identifier string

The identifier URL or device_token of the user sharing an activity. Do not use the device_token with mobile browsers.

image string

An image associated with the content being shared.

media string

A Flash or video object associated with the content being shared.

message string required

Message associated with the activity being shared.

recipients string required

A list of identifiers in JSON associated with the recipients being contacted.

recipientUrls string

Allows for sharing multiple urls to multiple recipients. The value is a JSON object of recipients and shared urls. Example:

{"http://myidentifier.com": "http://janrain.com"}

Recipients not appearing in this object use the value defined in the url parameter to share.

shortenUrl string

Available to Pro and Enterprise customers only. When false, turns the automatic Janrain URL shortening service off. When true, activates URL shortening.

source string

The URL of the site sharing the activity.

title string required

The title given to the shared content.

url string required

The URL associated to the content being shared.

/unmap

Description

Unmapping removes an Identity Provider from a primary key as well as allowing you to optionally unlink your application from the user’s account with the provider.

It may be helpful to review the mappings call.

Read the Account Mapping overview topic to learn more.

Accepted Content-types

  • application/x-www-form-urlencoded
  • multipart/form-data

post

Description

Example Request

curl -X POST \
    --data-urlencode apiKey=1234567891234567891234567891234567891234 \
    --data-urlencode identifer=0987098709870987 \
    --data-urlencode all_identifiers=true \
    --data-urlencode primaryKey=12 \
    --data-urlencode unlink=true \
    https://rpxnow.com/api/v2/unmap
Example Response
{
  "stat": "ok"
}

Query Parameters

apiKey string required

Your Social Login apiKey, which you can find on the Janrain Dashboard.

identifier string required

The identifier currently mapped to the primaryKey.

all_identifiers string

Must be true or false, false is the default. If true, all identifiers mapped to the primaryKey are removed.

primaryKey string required

The primary key from your users table, as a string.

unlink string

Must be true or false, false is the default. If true, unlinks your application from the user’s account with the provider. Only Facebook is supported currently.

format string

The format in which you want the response: either xml or json. If not specified, the response defaults to json.