Higher Logic Vanilla (Vanilla) integrates with several third-party applications that accommodate Single Sign-On (SSO) access from the application to Vanilla. This means that your users can access your Vanilla community, without having to sign in, directly from one of these applications that they are currently signed in to.
This article focuses on the third-party applications that offer SSO access to Vanilla.
📝 NOTE: If the user signs out of the third-party application, they lose the SSO-access functionality.
Facebook
Vanilla's Facebook Social Connect addon lets users sign in to Vanilla via their current Facebook session. You must register your application with Facebook for this addon to work.
Set up Facebook Social Connect
In order to set up Facebook Social Connect, you must create an “application” in Facebook at https://developers.facebook.com/apps.
After your application has been set up, copy the "Application ID" and "Application Secret" and paste them accordingly on the Vanilla (Dashboard > Settings > Connections > Social Media) Facebook Social Connect settings page.
The Valid oAuth Redirect URI should be https://community.yoursite.com/entry/connect/facebook or https://yoursite.vanillacommunities.com/entry/connect/facebook (if you do not have a custom domain).
Data deletion
In February of 2021, Facebook added a required parameter, User Deletion Data, in the Basic Settings page of their application dev site. In this field, Facebook is requesting a link to documentation or to a support page where users can request that their data be deleted. The easiest solution here is to set the toggle to Data Deletion Instructions URL and link to a Support page, on your site or within your community, that has instructions for users and contact information so that they can reach out to your moderation/admin team to process the deletion request.
Create a Facebook application
For a complete walk-through of the steps, see How to Create a Facebook Application for Vanilla Forums Single Sign-On (SSO).
Twitter
Vanilla's Twitter Social Connect addon lets users sign in to Vanilla via their current Twitter session. You must register your application with Twitter for this addon to work.
Set up Twitter Social Connect
Register Vanilla with Twitter at https://apps.twitter.com/app/new.
Set the OAuth 1.0a Redirect URLs by appending /entry/connect/twitter and /profile/twitterconnect to your forum's URL. (If your forum is at https://community.example.com, your Redirect URLs would be https://community.example.com/entry/connect/twitter and https://community.example.com/profile/twitterconnect).
📝 NOTE: Make sure that your redirect URLs are HTTPS; otherwise, they won't work. Also, make sure that there aren't any following spaces or slashes (e.g., /entry/connect/twitter/ is not valid).
After registering, copy the "API key" and "API secret key" and paste them accordingly on the Vanilla (Dashboard > Settings > Connections > Social Media) Twitter Social Connect settings page.
Whitelisting
Twitter enforced that sign-in-with-Twitter users must allow callback URLs for security reasons.
This means that callback URLs have to be explicitly and identically set up for all supported third-party applications. You can set up the callback URLs in your Twitter's application setup page, https://apps.twitter.com.
For example, if your callback URL is http://localhost:8080/myApp/signin/twitter, you must add it to the list of Callback URLs in your Twitter's application setup page exactly as it is.
Google
Vanilla's Google SignIn addon lets users sign in to Vanilla with Google account credentials. You must configure your site in Google API Console.
Set up Google SignIn
1. Enable the Google SignIn addon in the Vanilla Dashboard.
2. Access your API Console at Google and create a project.
3. Click on the project name and in the side menu, select Credentials.
4. Under the Credentials tab in the main content area of the page, click Create credentials button and choose OAuth Client ID.
5. Select Web Application as Type.
6. For authorized JavaScript Origins, the URL will be your Vanilla Application URL.
- If you get a warning, 'Invalid Origin: Domain must be added to the authorised domains list before submitting', click on the link provided and navigate to the Authorised domains section to add your domain to the list of trusted domains. Be sure to save.
7. For authorized redirect URL, append /entry/googlesignin to your forum's URL. (If your forum URL is https://example.com/forum, your redirect URL is https://example.com/forum/entry/googlesignin).
8. Copy the "Client ID" and "Secret" and paste them accordingly on the Vanilla (Dashboard > Settings > Connections > Social Media) Google SignIn settings page.
📝 NOTE: If you have never used Google APIs, you must also fill in Consent Screen.
LinkedIn
Vanilla's LinkedIn Social Connect addon lets users sign in to Vanilla via their current LinkedIn session. You must register your application with LinkedIn for this addon to work.
Set up LinkedIn Social Connect
1. Enable the LinkedIn Social Connect addon in the Vanilla Dashboard.
2. Go to the LinkedIn Developer Network, https://www.linkedin.com/secure/developer.
3. Click Add New Application. When you create the application, you can choose what to enter in most fields, make sure you enter specific information for some fields.
4. Under Website URL, enter your forum's root URL.
5. Under Default Scope, select at least r_basicprofile and r_emailaddress.
6. Set the OAuth 2.0 Redirect URLs by appending /entry/connect/linkedin and /profile/linkedinconnect to your forum's URL. (If your forum is at http://example.com/forum, your Redirect URLs would be http://example.com/forum/entry/connect/linkedin and http://example.com/forum/profile/linkedinconnect).
7. After your application has been set up, copy the "Client ID" and "Client Secret" and paste them accordingly on the Vanilla (Dashboard > Settings > Connections > Social Media) LinkedIn Social Connect settings page.
Steam
Vanilla's Steam Connect addon can act as an OpenID provider. This allows your application to authenticate a user's SteamID without requiring them to enter their Steam username or password on your site.
Set up Steam Connect
1. Retrieve a Web API Key by following the instructions at Steam Web API Documentation.
2. Navigate to Vanilla's Social Connect Addons page (Dashboard > Settings > Connections > Social Media) and enable the OpenID and Steam Connect addons.
3. Configure Steam Connect by specifying the Web API Key (retrieved in step 1) on its settings page.
Microsoft
Vanilla's Microsoft Account addon lets users sign in to Vanilla with Microsoft account credentials. You must set up SSO at the Microsoft Azure Portal.
Minimal set up requirements:
1. From App registration, click Add new registration.
2. Redirect URI: http://example.com/entry/microsoftaccount.
3. Logout URL: http://example.com/entry/signout.
4. From the manifest, make sure your sign in audience is set to "signInAudience": "AzureADandPersonalMicrosoftAccount".
5. From certifications and secrets, create a new client secret.
6. Copy the "Client ID" and "Client Secret" and paste them accordingly on the Vanilla (Dashboard > Settings > Connections > Social Media) Microsoft Account settings page.