Glossary
##Familiarize yourself with the terminology used within the LoginRadius ecosystem.
###A
Access Token
An access token is a unique identifier key generated by LoginRadius that is activated after a successful authentication. It is unique to each authenticated user and is different even when the same user authenticates the next time.
It is used to retrieve the user's profile data and to perform write-actions to the authenticated user's profile through the LoginRadius API For more details please see our Tokens documentation here.
It is used to retrieve the user's profile data and to perform write-actions to the authenticated user's social profile through the LoginRadius API.
Access Token Life
Access token life is the time period after your access token expires i.e. the time that you have access to a particular authenticated user's social profile. The default life of the access token in 15 minutes.
Account Linking
Account Linking allows you to provide a manner for customers to link their social provider accounts into a single unified account. For more details on this feature please read our account linking documentation here
API
API is a set of routines, protocols, and tools for building software applications. An API expresses a software component in terms of its operations, inputs, outputs, and underlying types.
**API Key & Secret **
This is a uniquely generated set of keys that will provide you access to a given API for your application. Generally speaking, an API Secret is known only to the owner and must be kept private.
We generate one set of API Key and Secret for each website to learn more, see LoginRadius API Key and LoginRadius API Secret .
###C
Callback
A Callback is a concept in computer programming, when passing executable code as an argument to a function, it will be executed by that function.
Callback URL
The Callback URL refers to the location that a user will return to after having completed the login/authentication process.
A Callback is a concept in computer programming, when passing executable code as an argument to a function, it will be executed by that function.
Client GUID
When a user initiates a social login (e.g., via Facebook or Google), the request is sent to RequestHandler.aspx. If the NoCallback feature is enabled, this request includes a Client GUID as a query string parameter. The Client GUID is a unique identifier for that specific login session.
The LoginRadius V2.js library handles the social login process, which involves popping up a window where the user can authenticate with their chosen social provider. Once the user completes the social login process, the popup window closes.
After the popup window closes, the parent page (the original page from which the login was initiated) sends a request to the Ping API using the Client GUID. The Ping API verifies the status of the login session identified by the Client GUID and responds with the user profile and access token if the social login was successful. The access token is used for subsequent authenticated requests to the application.
Note: If LoginRadius V2.js is not being utilized, in that case, any random string can be passed as Client GUID.
Custom Fields
If you would like your user profiles to have a field that is not part of our existing Profile Data Points you can create custom fields via your LoginRadius Admin Console by using our Standard Login Registration Form feature.
Custom fields are specifically for simple textual data. For more complex data please see our Custom Objects feature.
Custom Object A Custom Object is a schema-less object that can be attached to a specific account as shown in the below example. It can have a dynamic storage container that is updated with additional fields or data formats on the fly.
A Custom Object should be used if you are looking to store large amounts of user data and the data can’t be formatted in a structured format because the data format could be different for each user. Please see our Custom Object Overview for more details.
Custom Scope
Custom scope sets allow you to make permission-based social login, meaning you ask the user for additional permissions on a request basis going with the requirements for your site. for example you can ask the user for only "read permission" during social login and then you can ask for the "write permission" from the customer at a later point.
###D
Data Points
Data Points refers to the data that LoginRadius normalizes gathered through traditional forms or by different social providers. For more details on data points please see our data points documentation.
Data Source
A Data Source is a special type of custom field that holds large sets of key value pairs, It is created as part of our process for the Custom Registration Data workflow and is also designed to be easily configurable via API.
###E
Editable data field
LoginRadius provides a list of standard fields to be used for storing profile data, some of those standard fields can be edited via API while some of those fields are read-only. You can learn more about editable fields in our List of editable fields document.
Endpoint
The term Endpoint used in our documentation refers to a valid point of entry to any of the APIs.
###F
Facebook App ID
The Facebook App ID is part of a uniquely generated set of keys from your Facebook App which will allow you to access the Facebook API and settings for your application, it is publicly visible.
Facebook App Secret
The Facebook App Secret is part of a uniquely generated set of keys from your Facebook App which will allow you to access the Facebook API and settings for your application, it is known to the owner and must be kept private.
###G
Google Client ID
The Google Client ID is a key generated in your Google API Console which will allow you to access the Google APIs for your application, it is publicly visible.
Google Client Secret
The Google Client Secret is a secret generated in your Google API Console which will allow you to access the Google APIs for your application, it generally only known to the owner and must be kept private.
Google Authenticator OTP (One Time Password)
Is a token to be used once for the purpose of login, you can learn more about this token our LoginRadius Tokens documentation.
###H
Hashing
Hashing is one of the methods for data security and data management on the LoginRadius platform, it performs one-way encryption for critical data such as passwords, security questions, etc. This is an algorithm that turns message or text into a fixed string of digits. By using one-way hashing, the stored information can only be matched, but cannot be decrypted.
###I
IDX (Hosted/Selfhosted Page)
The LoginRadius Hosted Page is a solution provided by LoginRadius to Host your Login / Registration interfaces giving them a central location. You can learn more about Hosted Pages in our Hosted Page documentation
ID
The ID (Also known as Provider ID) is the unique identifier for each profile attached to a LoginRadius UID. There will be a unique ID for each profile (i.e. "Facebook", "Twitter", "Email", etc.) associated with a given UID.
Invisible ReCaptcha
Invisible ReCaptcha is one of the methods that can be used for identifying if a user is human that is supported by LoginRadius along with the standard Google ReCaptcha. With this method users are not required to click on a checkbox, instead it is invoked directly when the user clicks on an existing button on your site, you can learn more about this feature here .
###J
JSON
JSON is an open standard format that uses human-readable text to transmit data objects consisting of attribute-value pairs. It is used primarily to transmit data between a server and web application, as an alternative to XML.
JWT (JSON Web Token)
JWT is a method of establishing SSO (Single-Sign-On) connections that also happens to use JSON. You can find more details about JWT here .
###L
Label
A label is used to define the purpose of a field on a form e.g. "Email: "
###M
Multipass
Multipass refers to a method of establishing a Single Sign On (SSO) session. To learn more about Multipass please refer to our Multipass documentation .
###O
One-way Encryption refers to a type of encryption that has the goal of not being decrypted even when provided a key. E.g. Hashing
###P
Password Token
This is a unique one-time use token that is generated during the Forgot Password process. It is utilized with our javascript interfaces in conjunction with the Forgot Password template to reset a user's password.
Post ID
Post ID is a token generated by LoginRadius when you use one of our Trackable Status APIs. This token will be used to track the Likes, comments and re-share (retweet) counts for any shared content that is shared through one of the Trackable Status APIs.
Phone OTP (One Time Password)
The Phone OTP (One Time Password) is a password sent to a user with the purpose of being used once for log in.
Progressive Profiling
Progressive profiling is used to break-down how data is collected from a user into smaller multiple steps to avoid what could otherwise be a complicated or intimidating registration. LoginRadius provides 2 different types of Progressive Profiling: "User Registration Progressive Profiling" and "Social Data Progressive Profiling". You can learn more by visiting our Progressive Profiling documentation .
Projection
In the context of LoginRadius, Projection means pulling certain fields while leaving others out. LoginRadius offers Projection features with it's APIs.Please see our Advanced Customization documentation for Projection of Fields with our JavaScript Interfaces or our Advanced API usage for Projection of Fields with our Back-End APIs.
Push Notification
Push Notification allows the user of certain social media platforms to post a customized message to their profile/wall, like Facebook Wall.
###R
Request Token
This the client side token that is generated after a successful authentication. It can be used to retrieve the LoginRadius Access token which is used in the API calls, it has a permanent duration of 15 minutes. For more details please see our Tokens documentation here.
ReCaptcha
ReCaptcha is a method of identifying if is a user is human. LoginRadius supports both the popular standard Google ReCaptcha which prompts the user to enter a captcha from an image and Google Invisible ReCaptcha which does not require any typing, you can learn more about this feature here .
###S
SAML (Security Assertion Markup Language)
SDK is typically a set of software development tools that allows the creation of applications for a certain software package, software framework, hardware platform, computer system, video game console, operating system, or similar development platform.
Secondary API Secret
Given that the API Secret (also known as Private Key) should remain a secret as it unlocks the full potential of the LoginRadius APIs, we have added the option to generate temporary "Secondary API Secrets" that can be revoked. You can find this option in your LoginRadius Admin Console under:
Deployment -> Configuration -> API Credentials -> Additional API Secret(s)
Social Login
Social Login refers to the feature where a user can use their social platform account to log into other sites.
Social Provider Apps
The Social Provider specific apps that provide access to the social data for an individual user.
Social Sharing
Social sharing refers to the feature where user can share a pre-defined or customized message from other websites to their specified social platform.
Single Sign On (SSO)
Single Sign On is a solution that allows you to create single logins for multiple websites, where users login to one website once and can then be automatically logged into other websites. Along with its own solution, LoginRadius supports many different methods and technologies for SSO:
E.g. JWT, Multipass, SAML
To learn more about SSO please refer to our SSO Overview documentation.
Site Name
The identifier for a single LoginRadius account license which services a set of web properties within a Single Sign-On (SSO) environment. All web properties within the SSO environment utilizes a single set of LoginRadius configurations and Social Provider Apps.
SOTT (Secured One Time Token)
This is a token generated with the intention of being used for LoginRadius user registration via the authentication API or via the Javascript Interfaces. SOTT documentation
###T
Twitter Consumer Key
The Twitter Consumer Key is part of a uniquely generated set of keys from your Twitter App which will allow you to access the Twitter API and settings for your application, it is publicly visible.
Twitter Consumer Secret
The Twitter Consumer Secret is part of a uniquely generated set of keys from your Twitter App which will allow you to access the Twitter API and settings for your application, it is known to the owner and must be kept private.
###U
UID
The unique identifier of LoginRadius User Registration account, each UID may contain multiple social platform IDs, such as the ID from "Facebook", "Twitter", "Email" and others.
###V
Verification Token (vtoken)
The verification token or vtoken for short, is a unique one-time use token that is generated during any verification process. It is commonly utilized with our javascript interfaces in conjunction with Email templates to verify a user's given identity/email, please see our document on LoginRadius Tokens for more details.
###Y
Yahoo Consumer ID
The Yahoo Consumer ID is part of a uniquely generated set of keys from your Yahoo app which will allow you to access the Yahoo API and settings for your application, it is publicly visible.
Yahoo Consumer Secret
The Yahoo Consumer Secret is part of a uniquely generated set of keys from your Yahoo app which will allow you to access the Yahoo API and settings for your application, it is known to the owner and must be kept private.