OAuth 2 Flow (Server-Side)

To authenticate a user using a server-side flow, follow these steps:

Note: DailyCred's OAuth 2 flow is modeled after Facebook's implementation, and is nearly identical.

1. Send the user to https://www.dailycred.com/connect

  • POST/connect
  • Endpoint:


    identity_providerThe desired social network your user to authenticate with. If no identity_provider parameter is provided, it will default to email and password authentication. You can also set identity_provider to gateway to use our UI to let the user choose who to sign in with.
    client_id*Your DailyCred client ID
    redirect_uriAfter authentication, the user will be redirected to this url. The url must be within one of your approved domains in your account settings. If omitted we will use your account default callback.
    stateYou can include a state parameter to help prevent cross-site request forgery. When your user is redirected back to your site after authenticating, the state parameter will be included.
    referrerWe allow this optional parameter as a way to keep track of what page the user was on when they went to sign in. This will be passed back as a 'referrer' parameter after the user signs in.
    actionSpecifying an action parameter as signin will direct the user immediately to the 'sign in' form, instead of the default 'sign up' form.
    access_tokenIf you wish to connect a new social account with an existing user of yours, you can specify an access_token parameter to 'connect' the new account, instead of creating a new one. We handle all of the de-duplication and normalize the data so that you don't have to.
    Tip: Be sure to add localhost as an accepted redirect domain in your account settings

    2. The user is prompted to sign up or sign in

    If the user cancels the request (by hitting the 'cancel' button on the authorization screen), the user will be redirected to:


    3. The user is redirected back to your app

    After authorization, the user will be redirected to:

    4. Exchange the code for an Access Token

    Once the user has authenticated, you should make a server side request to exchange the code returned above for a user access token.

    Example Response

        access_token: '[YOUR_TOKEN]',
        worked : true

    5. Make requests to the DailyCred Graph API

    Example response

      "is_email_verified": true,
      "access_tokens": {
        "dailycred": "c3681ad2-250a-4985-ae8a-fdad48123235",
        "google": "ya31.AHES6ZTp2HijFmiz3EthqpOB5e6EqEje5_0eI25UB9Jn_MP0ERlGAg",
        "facebook": "AAADuiLHgPRcBEAplxD9I22dWzx9nW18KdvpDUdBRy8UqrdykTSJui8YPJMSF8rR2OKTzjod8kZBOXy939eTCOUOp26ONOrehFKPTYCQZDZD",
        "twitter": "44431966-TgD3VOLgxDv91bsHDDLtuEaupBVueaI512yLYLhjY"
      "updated_at": 1348881437129,
      "id": "a4babca4-1157-4314-b793-024b62093998",
      "display": "joesmith@dailycred.com",
      "guest": false,
      "username": "jsmitty",
      "identities": {
        "google": {
          "name": "Joe Smith",
          "id": "112885788772526071521",
          "family_name": "Stoever",
          "verified_email": true,
          "given_name": "Joseph",
          "email": "joesmith@dailycred.com"
        "facebook": {
          "video_upload_limits": {
            "size": 1073741824,
            "length": 1200
          "name": "Joe Smith",
          "username": "jsmitty",
          "third_party_id": "dGHzTuS8IjX9acsnQIeJDE6kKgM",
          "gender": "male",
          "id": "1092690821",
          "last_name": "Smith",
          "currency": {
            "currency_exchange_inverse": 0.1,
            "currency_offset": 100,
            "currency_exchange": 10,
            "user_currency": "USD"
          "bio": "I love dailycred!",
          "verified": true,
          "updated_time": "2012-09-27T19:04:38+0000",
          "link": "http://www.facebook.com/jsmitty",
          "locale": "en_US",
          "picture": {
            "data": {
              "is_silhouette": false,
              "url": "http://profile.ak.fbcdn.net/hprofile-ak-ash4/370570_1092690812_2022945351_q.jpg"
          "email": "jsmitty@gmail.com",
          "first_name": "Joe"
      "created": 1348873419043,
      "email": "joesmith@dailycred.com"