Getting Started with Social Connections

Enable OAuth login to your application with Google, Microsoft, GitHub, etc.

Single Sign-On (SSO) enhances B2B SaaS application security and user experience by enabling secure authentication through an organization's Identity Provider (IdP). Some organizations use social identity providers like Google, Microsoft, GitHub, Salesforce etc.

Scalekit enables your users login to your application with any of the social identity providers through OAuth 2.0. This quickstart guide will show you how to add Social Login (e.g., Login with Google) functionality to your application with just a few lines of code.

Login with Social Providers via Scalekit

1. Environment Setup

Before diving in, make sure you have:

• Access to your Scalekit account and API credentials
• Your app's codebase for implementing and testing changes

Install the Scalekit SDK

Scalekit offers language-specific SDKs for quick and easy integration with social login providers. Use the installation instructions below for your technology stack.

Setup SDK

Node.js

npm install @scalekit-sdk/node

Python

pip install scalekit-sdk-python

Go

go get -u github.com/scalekit-inc/scalekit-sdk-go

Java

/* Gradle users - add the following to your dependencies in build file */
implementation "com.scalekit:scalekit-sdk-java:1.0.1"

<!-- Maven users - add the following to your `pom.xml` -->
<dependency>
    <groupId>com.scalekit</groupId>
    <artifactId>scalekit-sdk-java</artifactId>
    <version>1.0.1</version>
</dependency>

Set up API credentials

Secure your Scalekit API communication by setting up environment variables. You'll need three key pieces of information from your Scalekit Dashboard:

1. Environment URL: The base URL for API calls. Each environment (dev, staging, prod) has a unique URL.
2. Client ID: Your app's unique identifier for Scalekit communications.
3. Client Secret: A private key to authenticate your API requests. Always keep this secret!

Get Your Credentials

1. Log into your Scalekit Dashboard.
2. Select the "Development" environment.
3. Click on "API Config" to view your credentials.

Store Credentials Securely

Never hardcode secrets in your app. Use environment variables instead. Here's how to set them in a .env file:

.env

SCALEKIT_ENVIRONMENT_URL = 'https://b2b-app-dev.scalekit.com';
SCALEKIT_CLIENT_ID = '<CLIENT_ID_FROM_SCALEKIT_DASHBOARD>';
SCALEKIT_CLIENT_SECRET = '<SECRET_FROM_SCALEKIT_DASHBOARD>';

Now you're ready to start integrating social connections into your app! Next, we'll cover how to use the SDK to authenticate users.

2. Authorize the Users

To start login with social connections, your app must redirect users to the Scalekit Authorization URL with appropriate social connection provider details.

Construct the Authorization URL using the following query parameters:

Parameter	Details
redirect_uri	Where Scalekit sends users after IdP authentication. Example: https://your-saas-app.com/auth/callback After the user is logged into the social provider, Scalekit redirects the user to this URI with one time authorization code. In the later section, we will explain how to use this unique code to fetch user details
client_id	Your app's unique Scalekit identifier which is mandatory for all requests. This uniquely identifies both your app and the environment (staging, prod).
provider	Informs Scalekit which Social Provider to use. You can use provider as the request parameter with value being the unique code of the provider. For e.g., microsoft. Currently, we support the following providers: google, microsoft, github, gitlab, linkedin, salesforce

Example Authorization URL

https://auth.scalekit.com/authorize
  ?client_id=skc_1220XXXXX349527
  &redirect_uri=https://yourapp.com/auth/callback
  &provider=microsoft

See our Authorization URL Parameters Guide for a full list of accepted parameters.

Next, construct your Authorization URL with these parameters and redirect users to this URL when they try to log in.

Node.js

import { Scalekit } from '@scalekit-sdk/node';

// Initialize the SDK client
const scalekit = new Scalekit(
  '<SCALEKIT_ENVIRONMENT_URL>',
  '<SCALEKIT_CLIENT_ID>',
  '<SCALEKIT_CLIENT_SECRET>',
);

const authorizationURL = scalekit.getAuthorizationUrl(redirectUri, {
  provider: 'microsoft',
  state: state, // optional
});

// Redirect the user to this authorizationURL

Python

from scalekit import ScalekitClient, AuthorizationUrlOptions, CodeAuthenticationOptions

# Initialize the SDK client
scalekit_client = ScalekitClient(
  '<SCALEKIT_ENVIRONMENT_URL>',
  '<SCALEKIT_CLIENT_ID>',
  '<SCALEKIT_CLIENT_SECRET>'
)

options = AuthorizationUrlOptions()

options.provider = 'microsoft'

authorization_url = scalekit_client.get_authorization_url(
  redirect_uri=<redirect_uri>,
  options=options
)

# Redirect the user to this authorization URL

Go

import (
  "github.com/scalekit/scalekit-sdk-go"
)

func main() {
  scalekitClient := scalekit.NewScalekitClient(
    "<SCALEKIT_ENVIRONMENT_URL>",
    "<SCALEKIT_CLIENT_ID>",
    "<SCALEKIT_CLIENT_SECRET>"
  )

  options := scalekitClient.AuthorizationUrlOptions{}
  // Pass the Social Login Provider details while constructing the authorization URL.
  options.Provider = "microsoft"

  authorizationURL := scalekitClient.GetAuthorizationUrl(
    redirectUrl,
    options,
  )
  // Next step is to redirect the user to this authorization URL
}

Java

package com.scalekit;

import com.scalekit.internal.http.AuthorizationUrlOptions;

public class Main {

  public static void main(String[] args) {
    ScalekitClient scalekitClient = new ScalekitClient(
      "<SCALEKIT_ENVIRONMENT_URL>",
      "<SCALEKIT_CLIENT_ID>",
      "<SCALEKIT_CLIENT_SECRET>"
    );
    AuthorizationUrlOptions options = new AuthorizationUrlOptions();
    options.setProvider("microsoft");
    try {
      // Pass the Social Login Provider details while constructing the authorization URL.
      String url = scalekitClient
        .authentication()
        .getAuthorizationUrl(redirectUrl, options)
        .toString();
    } catch (Exception e) {
      System.out.println(e.getMessage());
    }
  }
}

Finally, handle the callback at your redirect_uri to complete the Authentication.

3. Fetch User Details

After a successful SSO, Scalekit redirects the user to your redirect_uri with a unique code in the browser. Exchange the code for user profile details (on the serverside).

Here's how to turn that code into user data:

Node.js

const { code, state } = req.query;

if (error) {
  // Handle errors
}

const res = await scalekit.authenticateWithCode(code, redirectUri);

// res.user has the authenticated user's details
const userEmail = res.user.email;

// Next step: create a session for this user and allow access

Python

code = request.args.get('code')
error = request.args.get('error')
error_description = request.args.get('error_description')

if error:
    raise Exception(error_description)

result = scalekit_client.authenticate_with_code(
  code,
  <redirect_uri>
)

# result.user has the authenticated user's details
user_email = result.user.email

# Next step: create a session for this user and allow access

Go

code := r.URL.Query().Get("code")
error := r.URL.Query().Get("error")
errorDescription := r.URL.Query().Get("error_description")

if error != "" {
  // Handle errors and exit
}

res, err := sc.AuthenticateWithCode(code, redirectUrl)
if err != nil {
  // Handle errors and exit
}

// res.User has the authenticated user's details
userEmail := res.User.Email

// Next step: create a session for this user and allow access

Java

String code = request.getParameter("code");
String error = request.getParameter("error");
String errorDescription = request.getParameter("error_description");
if (error != null && !error.isEmpty()) {
  // Handle errors
  return;
}
try {
  AuthenticationResponse res = scalekitClient.authentication().authenticateWithCode(code, redirectUrl);
  // res.getIdTokenClaims() has the authenticated user's details
  String userEmail = res.getIdTokenClaims().getEmail();

} catch (Exception e) {
  // Handle errors
}

// Next step: create a session for this user and allow access