Yahoo! OAuth 2.0 Social Login Configuration Guide

Yahoo! is an American web services provider that serves content to over 1 billion users each month. Yahoo! Mail alone has an estimated 225 million users.

Important. Yahoo! OAuth 2.0 is Yahoo’s new protocol for social login. If you want to use Yahoo! as a social login provider use OAuth 2.0 and do not use the previous Yahoo! provider. That provider is being deprecated.

Before You Begin

To use Yahoo! OAuth 2.0 for social login you must:

  1. Obtain a Yahoo! developer account from https://developer.yahoo.com.
  2. Do one of the following:
    • Open a previously-created Yahoo! OAuth 2.0 app and copy the client ID and client secret.
    • Create a new app and copy the client ID and client secret.
       
  3. Use the Social Login Dashboard and your Yahoo! client ID and client secret to configure Yahoo! OAuth 2.0 as a social login provider.

In This Configuration Guide

  • Creating a Yahoo! OAuth 2.0 App for Social Login
  • Using an Existing Yahoo! OAuth 2.0 App for Social Login
  • Configuring Yahoo! OAuth 2.0 as a Social Login Provider
  • Testing Yahoo! OAuth 2.0 Social Login
  • Assigning a Different Yahoo! OAuth 2.0 App for Social Login
  • Removing Yahoo! OAuth 2.0 as a Social Login Provider



Creating a Yahoo! OAuth 2.0 App for Social Login

To create a Yahoo! app that uses OAuth 2.0 authentication, complete the following procedure:

  1. Log on to the Yahoo! Developer Network (https://developer.yahoo.com).
  2. Click Apps from the Developer Network home page:
  3. From the My Apps page, click Create an App:
  4. On the Create Application page, select Web Application and then enter information for your new app:

    Be sure you select Web Application and that you supply a valid redirect URI. By default, your redirect URI is your rpxnow.com domain followed by /yahoo-oauth2/callback.
     
  5. As needed, select any items from the API Permissions section that you would like returned from Yahoo! and then click Create App:
  6. After your app has been created, copy the Client ID and Client Secret and save those values to a text file or to a more secure location (we recommend the more secure location):

    Both the client ID and the client secret are needed to configure Yahoo! as a social login provider.
  7. Log off from the Yahoo! Developer Network.



Using an Existing Yahoo! OAuth 2.0 App for Social Login

If you already have a social login application, complete the following steps to retrieve the application’s client ID and client secret:

  1. Log on to the Yahoo! Developer network (https://developer.yahoo.com) and click Apps:
  2. From the Applications page, click the name of the app you want to use for social login:
  3. From the home page for your app, in the Web Settings section, copy the Client ID and the Client Secret as shown at the top of the page:

    This information can be stored in a text file (or, preferably a more secure location) until after you have configured Yahoo! OAuth 2.0  for social login.
  4. Log off from the Yahoo! Developers Network.

 


Configuring Yahoo! OAuth 2.0 as a Social Login Provider

To configure Yahoo! as a social login provider, make sure you have your Yahoo! client ID and client secret, and then complete the following procedure:

  1. Log on to your Social Login Dashboard (https://dashboard.janrain.com).
  2. From the Dashboard home page, click the Manage Engage Dashboard icon.
  3. From the Engage Dashboard home page, in the Widgets and SDKs section, click Sign-Ins.
  4. From the Sign-in page, verify that Widget is selected and then expand Providers:
  5. From the list of Providers, click Yahoo! OAuth2:
  6. In the Yahoo OAuth2 dialog box, click Next until you reach the screen requesting the Yahoo! Client ID and Client Secret:
  7. Enter your Yahoo! client ID in the Client ID field, enter your Yahoo! client secret in the Client Secret field, click Save, and then click Close. Yahoo! appears in your social login widget:
  8. When you are finished, select Save. Note that it might take as long as one hour before Yahoo! appears as a social login option on your web site.



Testing Yahoo! Social Login

To test Yahoo! social login, complete the following procedure:

  1. Do one of the following:
     
    • If you have just published your widget settings, click the Test your widget link that appears after the widget has been saved.
    • If you previously published your widget settings then, from the Engage Dashboard Sign-in page, click Launch a test widget.
       
  2. From the Test page, click the Yahoo! icon:
  3. In the sign-in window, enter a valid Yahoo! account name (email address) in the Email address field and then click Next:
  4. Enter your Yahoo! password in the Password field and then click Sign in:
  5. In the authorization window, click Agree:

If login succeeds, information returned from the Yahoo! profile is displayed in the API response preview field:

Note that you might also receive an email similar to the following, acknowledging that your Yahoo! account was used along with your social login app:



Assigning a Different Yahoo! OAuth 2.0 App for Social Login

If you want to use a different Yahoo! OAuth 2.0 app or if you need to change your existing app, you must update the Yahoo! OAuth 2.0 provider configuration settings. To do that, complete the following procedure:

  1. From the Social Login Dashboard home page, click the Manage Providers icon:
  2. On the Configure Providers page, click Yahoo! OAuth 2.0.
  3. Click the green Configured button to display the Yahoo OAuth 2 is currently enabled dialog box:
  4. To change the Yahoo! configuration, click Modify these settings.
  5. In the Yahoo dialog box, change the Client ID and/or Client Secret as needed, and then click Save:

Although you can modify your Yahoo! OAuth 2.0 settings, you cannot delete these settings. If you delete the settings and try to save your changes, you’ll see the error message Please enter both the Client ID and secret.

This means that you cannot “unconfigure” the provider: once configured, the Yahoo! OAuth 2.0 icon will always be shown as green (i.e., configured) in the Social Login Dashboard.



Removing Yahoo! OAuth 2.0 App as a Social Login Provider

If you no longer want to use Yahoo! OAuth 2.0 for social login, you can remove Yahoo! as a social login provider by completing the following procedure:

  1. Log on to your Social Login Dashboard (https://dashboard.janrain.com).
  2. From the Dashboard home page, click the Manage Engage Dashboard icon.
  3. From the Engage Dashboard home page, in the Widgets and SDKs section, click Sign-Ins.
  4. From the Sign-in page, verify that Widget is selected and then expand Providers.
  5. In the widget, click the X in the upper right corner of the Yahoo! OAuth 2.0 icon.
  6. Scroll to the bottom of the page, select Save and Publish, and then click Publish. Yahoo! OAuth 2.0 no longer appears in the sign-on widget.
Note. You must always have at least one social login provider in the widget. If you delete all the providers and then click Publish, you’ll see the error message Couldn’t save configuration: No providers.