Social Login v1.14

Release Notes

New functionality:

- Provide a page where the user will be forwarded after logging in

- Sent a message on behalf of a new user to facebook and LinkedIN that they joined your site. 

Both are plugin settings, so you can decide yourself.

Bug fix to allow messages send to LinkedIN.

Remark: You need to adapt your LinkedIN app: In the scope settings you need to enable all settings except r_basicprofile, rw_groups and rw_company_admin to be able to use this plugin best and to be able to send a message after initial login.

  • I am familiar with the plugin of Jeroen, as you can see in the comments he inspired me to create my own remote login functionality which does integrate with this plugin. The demo is still live on 

    But unfortunately I could not use his plugin for that, so there will be no integration. I will put it on my to do list to incorporate a remote login feature with this plugin. The code I worked out that day is currently no where close to be reusable for you guys right now.

    As to your FB issue. Check your FB app settings and follow the instructions in the admin pages of the plugin. Take also a close look at the app Center permissions. The plugin does request and receives profile picture and location information if FB allows it and the user of course provides the information and approves the request.

  • I've just put the page I created on github for you. This should get you able to create your own remote login. 

  • How do you change a user's preferences when using this plugin?

    It requests a password, but the current social account password is refused.

    Thanks for the plugin! It's really been a life saver

  • This plugin works fine for me except for one issue which is, I sign in with facebook successfully but profile picture and location information are not pulled into elgg. 


    This plugin works fine for me except for one issue which is, I sign in with facebook successfully but profile picture and location information are not pulled into elgg. 



    This plugin works fine for me except for one issue which is, I sign in with facebook successfully but profile picture and location information are not pulled into elgg. 

  • @MacGyverMan User preference is the same as with a regular login. If you request a new password, that only works if the social account had an email address attached. If so, you can also login using that email address with the newly received password. Social login is creating a normal user account with a random password. You can use regular login or continue using your FB, LinkedIn or Twitter account

    @Mariano. Check your FB app settings. Profile picture and location information will be gathered if available and the fb app is configured correctly. But only once, at first login. It will not update existing accounts with changed avatar or whatever information that changed on FB.

  • hie I am testing this plugin. It does take location and bio of the person but does not take the profile picture. It works well with twitter though. Any suggestions?

  • Hi Valentine, I am using the plugin myself on different sites and all of them do take profile picture with all different providers, also on my pristine test site with just a clean install and no third party plugins.

    That doesn't mean works at your end. But to be able to pinpoint the source of the problem I really need more information. Which provider is a start, is there a way to test it. Facebook has so much more options to investigate that I hope it also fails on LinkedIn or another TP provider, since that makes it easier to narrow down.

    But the suggestion is, setup a test site with only Elgg 1.8.19 on and enable the plugin and if that fails we probably need to check the app settings. I could make better recommendations in the plugin if knowing which settings fail.

  • thanks for the Pm reply Gerard.. From my FB App settings, under Advance, I can only see "Deauthorize Callback URL" field, so this is where I put the callback URL:

    Also, under Advance>Security, down it has the option selected YES for "Client OAuth Login" enabled, all others are disabled (Embedded browser OAuth Login, App Secret Proof for Server API calls, Require 2-factor reauthorization)...

    Will try and see if it works...

  • I just tried, here are the results:


    Account Creation: OK

    Profile Pic: NO

    Profile Fields: OK

    Facebook Wall post: NO

  • Try Embedded browser OAuth Login setting to yes.

    If that does not work, maybe you can authorize me for your app, so I can take a look.

  • And remember, the profile picture will only be loaded during first login. So you need to remove the account you are testing with to see if it is working. Same applies for Wall post. Only once !

  • No luck. I just tried 2 accounts again, deleted the users, and logged in. I've got the nice window to authorize app but it seems it has a note below the window: This does not let the app post to Facebook.

    I also did try both Website app and App on Facebook(w/ Canvas Page) and same result. How can I authorize you to test the app?

  • Add me as friend on facebook (Gerard Kanters) and than add me as administrator in roles. You can remove my account later.

  • added.. the setting on the app i set to for now for testing purposes

  • @Bryan, The url does not refer back to your site and the FB app is in development mode. This cannot work properly.

    I cannot test it either, since I cannot determine where your site is. I did change the browser OAUTH login setting.

  • ok, no prob... thanks, man! will retest and set app to public mode

  • That still will not work. A correct URL in the FB app settings is the least thing you need to get the plugin working

  • Ok can I get to redirect user to activity page after social login? I am using this plugin and would like users to go to activity page after logging in. I have custom index enabled. Thanks

  • @Valentine, as you can see in the release notes. It is now a plugin setting to provide a page like activity or any other page to forward the user after logging in.

  • Thanks a lot.  I hadn't noticed. Funny enough I was the one who configured the API keys from facebook and twitter.

  • Cnet reported a flaw in Oauth (which it isn't) but it is possible for attackers to misuse it if you do not use it correctly in your app. So my strong advice to you is to make sure to use the callback URL as recommend in the plugin settings.

    Also use Google and Facebook IP whitelisting to avoid misuse of your app.

  • @bryan how did you do that? Code please. My user also do not have their profile pictures synced with them. It just pulss their user name and nothing more. It doesnt even post on facebook. call back url is fine and stuff. users can login and register but still missing those elements. Thanks

  • The issue with facebook profile picture and other things like description, is that some providers block file_get_contents. If your hosting provider supports suPHP you can re enable it by setting "allow_url_fopen = On" in your php.ini

    Ofcourse, if you are host it yourself, just apply it directly. Unfortunately, it cannot be enabled in .htaccess

  • Thanks @Gerard. It works fine with twitter though

  • I am using the User Validation by Admin plugin with access restricted to logged in users only.  This has a strange effect ... login using the social plugin tries to take you to an inaccessible page but doesn't let you log in if you are an unrecognised user.  But the person trying to log in is registered as a new user nonetheless without having to await Admin approval.  Is there any way of obtaining the admin approval capability and maintaining the walled garden while using Social login?


  • Category: Authentication
  • License: GNU General Public License (GPL) version 2
  • Updated: 2020-12-31
  • Downloads: 8746
  • Recommendations: 25

Other Projects

View Gerard's plugins