Log Into the WSO2 API Store Using Social Media

We can integrate the WSO2 Identity Server with WSO2 API Manager and use our social media credentials to log in to the API Store and API Publisher. This article shows you how to integrate Facebook authentication and log in to the API Store.

• Create a Facebook application
• Configure Facebook login with Identity Server
• Configuring requested claims and roles for user authentication in Facebook Identity Provider
• Configure service providers to the Publisher and Store with the Facebook Identity Provider
• Test Facebook authentication

Create Facebook Application

1. Go to https://developers.facebook.com/ and log in using your Facebook credentials.
2. Select My Apps in the navigation and create a new app by clicking Create App.
3. Enter the name of your app and your email address. Click Create App ID.

    4. Click on Setup to create a Facebook Login product.

   5. Select the Web to work with this sample. You can select any other platform you wish to use 

  6. Add the serverURL of WSO2 Identity Server (which is configured with offset = 2) https://localhost:9445/ and click Save and Continue.

7. Click the Dashboard and go to the Developer Dashboard. You can find your App ID and the App Secret as shown in the image below.

8. Click on the new Facebook Login product you have added and configure it as follows.

Configure Facebook Login With Identity Server

Let's see how to configure WSO2 Identity Server to work with Facebook for user authentication, so that when you try to login to the Publisher or Developer Portal, WSO2 Identity Server will redirect to Facebook to do the authentication. For this purpose, you have to configure the WSO2 Identity Server by adding a new identity provider.

1. Log in to the Management Console of WSO2 Identity Server as the admin user.
2. Go to the Identity section under the Main tab. Click Add under Identity Providers and enter the following details.
   1. Identity provider Name: Facebook            
   2. Alias: https://localhost:9445/oauth2/token
3. Go to Facebook Configuration under Federated Authenticators.
4. Enter the Client ID and Client Secret from the values obtained from the Facebook app created in the previous section.
5. Select Enable Facebook Authenticator and select Default to make it the default authentication method.
6. Enter the User information fields you want to retrieve separated by commas under User Information fields.

7. Click Update.

Configuring Requested Claims and Roles for User Authentication in Facebook Identity Provider

We need to acquire the identity information by configuring claims to use Authentication on Facebook. Let's see how you can configure Identity Server with Facebook by mapping the claims.

1. Go to the Identity section under the Main tab. Select List under Identity Providers.
2. Click Edit to edit the Facebook identity provider you created.
3. Go to Basic Claim Configuration under Claim Configuration.
4. Select the Define Custom Claim Dialect option under Select Claim mapping Dialect and click Add Claim Mapping to add custom claim mappings as follows.
5. Go to Role Configuration and configure it as follows.

Configure Service Providers to the Publisher and Developer Portal With the Facebook Identity Provider

To federate logging in to the Publisher and Developer Portal with Facebook, you need to configure the service provider with the Facebook Identity Provider.

1. Go to the Management Console of WSO2 Identity Server (https://localhost:9445/carbon) and click on Service Providers.
2. Click Edit to edit the admin_admin_store.
3. Go to the Local & Outbound Authentication Configuration section. Select the Identity Provider you created from the dropdown list under Federated Authentication.
4. Make sure that Federated Authentication is selected. Click Update to save the changes.

Important Note: Make sure to copy the org.wso2.carbon.identity.application.authenticator.facebook-5.1.14.jar found in <IS_HOME>/repository/components/drop-ins directory to <API-M_HOME>/repository/components/drop-ins directory. Then restart the API-M server before testing Facebook Authentication.

Test Facebook Authentication

1. Access the developer portal via https://localhost:9443/devportal. Observe the request redirect to the WSO2 IS login page and then the Facebook login page.
2. Enter the username and password of your Facebook account.

3. After successfully authenticating the login, you will be logged into Store. Your username will be the email address of your Facebook account. This is because you have already configured the email as the UserID Claim URI. 

If you configure your UserID Claim URI with the last_name, your username will be the last name of your Facebook account.