Why doesn't the option set_force_re_authentication work with Twitter and LinkedIn in Basic plan?

edited August 2015 in Questions
Dear supporter,

I have purchased the Basic plan for my site. I am meeting an issue that the option set_force_re_authentication does not work with Twitter and LinkedIn.

Below is what I have implemented:

var _oneall = _oneall || []; _oneall.push(['social_link', 'set_providers', ['facebook', 'linkedin', 'twitter']]); _oneall.push(['social_link', 'set_callback_uri', '{$callbackUrl}']); _oneall.push(['social_link', 'set_custom_css_uri', '{$customCss}']); _oneall.push(['social_link', 'set_grid_sizes', [1,3]]); _oneall.push(['social_link', 'set_user_token', '{$userToken}']); _oneall.push(['social_link', 'do_render_ui', 'oa_social_link_multiple_sns_container']); _oneall.push(['social_link', 'set_force_re_authentication', true]);

I know Twitter has a way to force user to re-input their credentials by adding a force_login=true on the URL. Why doesn't oneall do that ?

Bach Huong

Best Answers

  • Fred_PinelFred_PinelMember
    Answer ✓
    Hi Thomas,

    The Twitter fix should be in service now. Could you report on how it works for you?

  • Fred_PinelFred_PinelMember
    Answer ✓
    Hi Thomas,

    We cannot find this error in our tests.
    When setting set_force_re_authentication, linking will set force_login to Twitter.
    Unlinking via the modal requires the credentials to be used in all cases, so that should be ok for you.

    Is there anything specific about your setup?


  • Hi Thomas,

    Try placing the 'set_force_re_authentication' line before the 'do_render_ui' line.

    Hope this helps.
  • Thank for replying, Frederic.

    It still doesn't work, this is what I have tried:

    var _oneall = _oneall || [];
    _oneall.push(['social_link', 'set_providers', ['facebook', 'linkedin', 'twitter']]);
    _oneall.push(['social_link', 'set_callback_uri', '{$callbackUrl}']);
    _oneall.push(['social_link', 'set_custom_css_uri', '{$customCss}']);
    _oneall.push(['social_link', 'set_grid_sizes', [1,3]]);
    _oneall.push(['social_link', 'set_user_token', '{$userToken}']);
    _oneall.push(['social_link', 'set_force_re_authentication', true]);
    _oneall.push(['social_link', 'do_render_ui', 'oa_social_link_multiple_sns_container']);

    Please help me to overcome this issue.

    Great thank for that,

  • Thomas_HuongThomas_HuongMember
    edited August 2015
    Below is the illustration for you to see the issue.

  • Hi,
    The current behaviour for this method is not what you expect, and probably not what it should be.
    Currently, setting to true will force the user to re-approve the application, while setting to false will not ask for approval each time.
    It does not request the user to re-enter their credentials (with the force_login).

    So, this is an error, and we're fixing it now.

    Thanks for your input !
  • Hi Frederic,

    Yeah, you were right. Thank for your clarification and for the fix as well.

    We are having a urgent plan and need to resolve this issue for Twitter firstly.

    Can you please prioritize delivering the fix for Twitter as highest ?

    Let me know right after you're done.

    Thank again so much,

  • Hi Frederic,

    It works perfectly right now. Thank a ton, mate.

    Do you have a chance to fix this for Facebook and LinkedIn as well?

    For now I will have to do a trick that uses Javascript SDK to force logging out in background whenever user opens the oneall social linking widget.

    - Facebook, using FB.logout();
    - For Linkedin, using IN.User.logout();

  • Hi,

    Also, LinkedIn does not seem to support this feature (forcing the user to enter their credentials).

  • Hi,

    Do you mean we would have to suffer this issue ? any workaround way to do that ?

  • It appears LinkedIn does not allow for this via their API.
    The user would need to log out of LinkedIn using other ways (through their web site, closing browser, ...).
    No identified workaround for the moment unfortunately.
  • Okay. Anyway thank you for help on the Twitter issue.
  • Hi Frederic,

    I just found out that you have added force_login=1 when user requests Unlink action for Twitter.
    But you have not add it when user requests for Link action.

    See below screenshot:

    This makes user keeps previous session and could not input a new credential after he does unlink action. Could you please review this and deliver a fix ?

    Thank you in advance.
  • Any chance to help me here @Frederic?
  • Hi,
    Just to let you know that you are not forgotten, this is on our list :-)
  • For now, I see it works. That's good.

    Thank mate.


Please sign in to your OneAll account to ask a new question or to contribute to the discussions.

Please click on the link below to connect to the forum with your OneAll account.