Vanilla Forums integrates with a number of social applications that you can use as SSO solutions, this article focuses on that usage.
You can find an overview of our social integrations here for applications other than as method of sign in.
Facebook Connect allows users to sign in using their Facebook account. You must register your application with Facebook for this plugin to work.
How to set up Facebook Connect
In order to set up Facebook Connect, you must create an “application” in Facebook at: https://developers.facebook.com/apps
Once your application has been set up, you must copy the “Application ID” and “Application Secret” into your Facebook plugin settings page from your Vanilla dashboard.
Please note that the ‘Valid oAuth Redirect URI” should be: https://community.yoursite.com/entry/connect/facebook or https://yoursite.vanillacommunities.com/entry/connect/facebook if you do not have a custom domain.
In Feb of 2021, Facebook added a required parameter in the 'Basic Settings' page of their application dev site called 'User Deletion Data.' In this field, Facebook is asking for a link to documentation or a support page where users can request their data be deleted. The easiest solution here is to set the toggle to 'Data Deletion Instructions URL' and link to a Support page on your site or within your community. That page should ideally include instructions and contact information so users can reach out to your moderation/admin team to process the deletion request.
For a complete walk-through of the steps involved, read How to Create a Facebook Application for Vanilla Forums Single Sign-On (SSO).
Twitter Connect allows users to sign in using their Twitter account. You must register your application with Twitter for this plugin to work.
Setting up social login in Twitter Connect
- Register Vanilla with Twitter at: https://apps.twitter.com/app/new
- Set the OAuth 1.0a Redirect URLs by appending both /entry/connect/twitter and /profile/twitterconnect to the end of your forum’s URL. (If your forum is at https://community.example.com, your Redirect URLs would be https://community.example.com/entry/connect/twitter and https://community.example.com/profile/twitterconnect).
- After registering, copy the “API key” and “API secret key” into your Twitter plugin settings page from your Vanilla dashboard.
- The redirect URLs should be HTTPs.
- The redirect URLs should have no following spaces or slashes (i.e., /entry/connect/twitter/ will not work, while /entry/connect/twitter will)
Twitter enforced that sign-in-with-Twitter users must whitelist callback URLs for security reasons.
This means callback URLs have to be explicitly and identically set up for all supported third-party applications. You can setup the callback URLs in your Twitter's application setup page: https://apps.twitter.com
For example, if your callback URL is
http://localhost:8080/myApp/signin/twitter, you must add it to the list of Callback URLs in your Twitter's application setup page exactly as it is:
The Google Sign-In adds the ability to sign in to your community with a Google account. You will need to configure your site in Google API Console.
Setting up Google Sign In
- Once you have enabled the Google Sign In Plugin in your Vanilla Dashboard, go to your API Console at Google.
- You will need to create a project.
- Once you have a project, click on the project name. You will be presented with a side menu. Select “Credentials”.
- Under the Credentials Tab in the main content area of the page, click on the Create credentials button and choose "OAuth Client ID"
- Select Web Application as Type.
- You may get a warning 'Invalid Origin: Domain must be added to the authorised domains list before submitting.'.
- If so, click on the link provided and navigate to the " Authorised domains" section to add your domain to the list of trusted domains.
- Don't forget to save.
- For authorized redirect URL, append "/entry/googlesignin" to the end of your forum’s URL. (If your forum is at example.com/forum, your redirect URL would be https://example.com/forum/entry/googlesignin).
- Copy over Client ID and Secret into appropriate fields in Vanilla Dashboard.
- If you have never used Google APIs before you will also need to fill in Consent Screen.
LinkedIn social sign in allows users to sign in using their LinkedIn account. You must register your application with LinkedIn for this addon to work.
How to Set up LinkedIn Social Sign in
- Go to the LinkedIn Developer Network at https://www.linkedin.com/secure/developer/
- Click Add New Application. When you create the application, you can choose what to enter in most fields, make sure you enter specific information for some fields.
- Under Website URL enter your forum’s root url.
- Under Default Scope make sure you’ve selected at least r_basicprofile and r_emailaddress.
- Set the OAuth 2.0 Redirect URLs by appending both /entry/connect/linkedin and /profile/linkedinconnect to the end of your forum’s URL. (If your forum is at example.com/forum, your Redirect URLs would be http://example.com/forum/entry/connect/linkedin and http://example.com/forum/profile/linkedinconnect).
- Once your application has been set up, you must copy the Client ID and Client Secret into your LinkedIn plugin settings page from your Vanilla dashboard.
Steam can act as an OpenID provider. This allows your application to authenticate a user’s SteamID without requiring them to enter their steam username or password on your site . This is done by enabling OpenID then SteamConnect SSO addons, and configuring SteamConnect via its Settings page (Dashboard → Addons → Steam Connect → Settings button).
Setting up social login in Steam Connect
When creating a new SteamConnect connection you will need to fill the following field:
Steam Web API Key you can get this key from steam.
Steam Dev Documentation.
To setup a microsoftaccount sso, head over to https://portal.azure.com/
Minimal setup required to use microsoft account sso:
From the manifest, make sure your signinaudience is set to
- "signInAudience": "AzureADandPersonalMicrosoftAccount".
From certifications and secrets, create a new client secret, you will need this secret to be saved in the plugin's settings page, along with the client's id that is found in the "overview" page.