I am developing an app that will use the Twitter and Facebook login APIs exclusively.
Suppose a new user downloads the apps and is presented with the option to log in through Facebook or Twitter. The user chooses Facebook.
I think the procedure at this point is to
a) create an auto-generated user ID in my Users table
b) store the Facebook credentials against the auto-generated user ID
I am confused about part b. Does Facebook return a unique ID when their API is called that I can store against my user ID or is there some alternate process? In other words, what exactly does it mean to store the Facebook credentials?
4
You’re talking about OAuth I imagine… specifically 3 legged
https://dev.twitter.com/docs/auth/3-legged-authorization
Overview
The 3-legged OAuth flow allows your application to obtain an access token by redirecting a user to Twitter and having them authorize your application. This flow is almost identical to the flow described in Implementing Sign in with Twitter, with two exceptions:
The GET oauth/authorize endpoint is used instead of /oauth/authenticate
The user will always be prompted to authorize access to your application, even if access was previously granted.
b) store the Facebook credentials against the access token
I am confused about part b. Does Facebook return a unique ID when
their API is called that I can store against my user ID or is there
some alternate process? In other words, what exactly does it mean to
store the Facebook credentials?
You’re storing the access token provided by Twitter
you still will have your own user table if your application requires it.