Upgrade to WooCommerce Social Login 2.0

Version 2.0 of Social Login updated how login is authenticated with provider networks like Facebook and Twitter. We migrated from using Opauth to HybridAuth, which is a different code library for communicating with social networks.

We made this move because, while we routinely audit the plugin for security, HybridAuth has a more active development community, and thus will be more secure in the long run over the life of WooCommerce Social Login, and we want to be proactive in using newer codebases.

The plugin will continue to work without issue after upgrading. This change is backwards-compatible, but you need to make an update to your site to support this newer library.

New users can just follow the instructions for creating social network apps as normal.

The tradeoff to using a new library is that users must update callback URLs for some of their social network applications, and the plugin will notify you of this upon upgrade. This should take about 15 minutes depending on the providers you use.

You’ll need to update the following providers, then make a switch to the new callback URLs in the plugin settings. As each provider here allows you to add additional callback URLs, we recommend adding these new callback URLs, then later switching the plugin over to using them. While most providers have changes that take effect immediately, some (PayPal is an example) will take a few hours to implement new URLs.

Changing app settings to add the new URLs, waiting a few hours, then changing the plugin settings is the best approach for no downtime or frontend implications.

Make sure you’re modifying the social network apps you previously created for your site in this process.

Log into your Google developer account, then select the project for your social login app in the top bar. Here you’ll manage the API access for this application.

1. Click on “Credentials” on the left under “API Manager”.
2. Under “OAuth 2.0 client IDs”, click on the correct application for your store’s social login.
3. Add the new callback URL from the plugin settings under “Authorized redirect URIs”. The format will look something like:

   https://mystore.com/?wc-api=auth&done=google 

   but may be different. Please refer to the plugin settings for the correct URL.
   

   

4. Save your application settings. You’re done!

Log into your Amazon developer account, which should list all “Log in with Amazon” applications you have (probably just one).

1. For the application that handles your site login, hover of the gear icon under “Manage”.
   

   

2. Click on “Web Settings”.
3. Click “Edit” in the bottom right to modify your site’s URLs.
4. Click “Add Another” under “Allowed Return URLs” to enter a new callback.
5. Add the new callback URL from the plugin settings. The format will look something like:

   https://mystore.com/?wc-api=auth&done=amazon 

   but may be different. Please refer to the plugin settings for the correct URL.
   

   

6. Save your application settings. You’re done!

Log into your LinkedIn developer account, then click on your social login app. Here you’ll manage the API access for this application.

1. Scroll down to “OAuth 2.0” on this page.
2. Add the new callback URL from the plugin settings under “Authorized Redirect URLs:”. The format will look something like:

   https://mystore.com/?wc-api=auth&done=linkedin

   but may be different. Please refer to the plugin settings for the correct URL.
   

   

3. Click “update” to save your application settings. You’re done!

Log into your PayPal business account, then visit the developer center.

1. Scroll down to “REST API apps”, and click on the name of your social login application.
2. Scroll down to “LIVE APP SETTINGS” (or sandbox if you’re updating a sandbox app). Click “Show” for the return URL setting.
3. Click the “+” sign to add the new callback URL from the plugin settings. The format will look something like:

   https://mystore.com/?wc-api=auth&done=paypal 

   but may be different. Please refer to the plugin settings for the correct URL.
   

   

4. Save your application settings. You’re done!

Log into your Instagram account, then visit the developer center.

1. Click “Manage Clients” at the top.
2. Click “Manage” for the application for your store’s social login.
3. Click on the “Security” tab.
4. Add the new callback URL from the plugin settings under “Valid redirect URIs”. The format will look something like:

   https://mystore.com/?wc-api=auth&done=instagram 

   but may be different. Please refer to the plugin settings for the correct URL.
   

   

5. Save your application settings. You’re done!

We recommend doing this a few hours after you’ve added your new PayPal URL, as these can take time to take effect. Once you’ve waited a bit for that URL update to process, you can adjust the plugin settings.

Go to WooCommerce > Settings > Social Login and adjust the “Callback URL format” setting. You should now use Default as the format instead of the legacy format. This will tell Social Login to use the new URLs you’ve just added to your providers.

Existing linked accounts will continue to work after this change; your customers will not be affected in any way once you’ve switched.

This was the last step! You’re now ready for all future updates to the plugin.

All done here? You can read up on creating new social login apps, or go back to the main documentation.