TikTok OAuth Provider
Descope allows you to create custom Social Login (OAuth) providers within the Authentication Methods page. This allows you to add any Social OAuth authentication within your application. This guide specifically covers the step by step configuration of a custom TikTok OAuth provider.
Creating the TikTok Application
Before creating the custom OAuth provider within the Descope console, you must create and configure an application within your TikTok developer account. You can follow the TikTok App Guide for details on creating your application.
When you create your app within TikTok, you must configure the redirect URI. Set the redirect URI to be https://<your-base-url>/v1/oauth/callback
. You can find your project's base url in our Multi-Region Support Guide.
Creating Descope Custom Provider
You can configure a custom provider in the Descope Console. Under Authentication Methods -> Social Login, select + Add custom provider
in the top right corner. You can
then set the name (in this case, "TikTok"), logo, and description for your custom provider.
Configure Account Settings
Within the account settings section of your provider, you will configure the following items:
Client ID
: This is theClient Key
of the application created within TikTok. TikTok uses a non standard format, so will need to use custom parameter keys in the connection settings.Client Secret
: This is theClient Secret
of the application created within TikTokScopes
: These are the configured scopes granted to Descope for the user within TikTok. Scopes provides users using third-party apps the confidence that only the information they choose to share will be shared. The minimum needed scope for Descope to be able to capture the user's email and basic account details from TikTok isuser.info.basic
.
Configure Connection Settings
Within the account settings section of your provider, you will configure the following items:
Authorization Endpoint
: The endpoint to request authorization from the user. For TikTok, this endpoint ishttps://www.tiktok.com/v2/auth/authorize/
.- Add an authorization parameter key
client_key
and paste the value from the account setting'sClient Key
. Token Endpoint
: The endpoint to exchange the authorization code for an access token. For TikTok this endpoint ishttps://open.tiktokapis.com/v2/oauth/token/
.- Add a token parameter key
client_key
and paste the value from the account setting'sClient Key
. User Info Endpoint
: The endpoint to get user details for attribute mapping. For TikTok, this endpoint ishttps://open.tiktokapis.com/v2/user/info/?fields=union_id,display_name,avatar_url
. To query more fields, append the field name to this url. Read more about scopes and fields.
Configure User Attribute Mapping
Given the user.info.basic
scope, Descope can capture any items
from the user info endpoint
response. Per the below example, we have mapped the following:
- data.user.union_id -> Login ID (mandatory)
- data.user.display_name -> Display Name (optional)
- data.user.avatar_url -> Picture (optional)
For more OAuth provider settings information, check out the OAuth Settings Guide. To add TikTok Social Login to your flow, check out our Social Login In Flows Guide.