Using WordPress? Our WordPress plugin is all you need.

Using anything else? No problem. Since our authentication is OAuth 2.0  based, there are ready-made libraries available for all major server-side languages and frameworks. All you need to know are the following parameters:

Client ID: copy this from “My Webpages
Client secret: copy this from “My Webpages
Authorize URL:
Access token URL:
User data URL:

For example, in PHP you may wish to use thephpleague/oauth2-client:

$provider = new \League\OAuth2\Client\Provider\GenericProvider([
  'clientId' => you_oauth2_client_id',
  'clientSecret' => 'your_oauth2_client_secret',
  'redirectUri' => '', // The url that will run this code snippet
  'urlAuthorize' => '',
  'urlAccessToken' => '',
  'urlResourceOwnerDetails' => ''

// If we don't have an authorization code then get one
if (!isset($_GET['code'])) {

  // Fetch the authorization URL from the provider; this returns the
  // urlAuthorize option and generates and applies any necessary parameters
  // (e.g. state).
  $authorizationUrl = $provider->getAuthorizationUrl([
      // Optional params
      'lang' => 'en',
      // ...

  // Get the state generated for you and store it to the session.
  $_SESSION['oauth2state'] = $provider->getState();

  // Redirect the user to the authorization URL.
  header('Location: ' . $authorizationUrl);

// Check given state against previously stored one to mitigate CSRF attack
} elseif (empty($_GET['state']) || (isset($_SESSION['oauth2state']) && $_GET['state'] !== $_SESSION['oauth2state'])) {

  exit('Invalid state');

} else {

  // Try to get an access token using the authorization code grant.
  $accessToken = $provider->getAccessToken('authorization_code', [
      'code' => $_GET['code']

  // Using the access token, we may look up details about the
  // resource owner.
  $resourceOwner = $provider->getResourceOwner($accessToken);

  $ownerData = $resourceOwner->toArray();

  // Bam! You can now access the user's identity in $ownerData.
  echo "Authenticated user's ID code: " . $ownerData['idcode'];

Optional redirect query parameters:
lang – language of the user. Use 2-letter codes: (ISO 639-1)
method – user’s selected method code. If specified, authentication will begin with this method, user will not be asked to select authentication method. See available method codes.