Kakao Login

FAQ

This document walks you through frequently asked questions you may have when you integrate Kakao Login into your service.

Concepts

Q. What is a redirect URI?

A redirect URI is the address to which the user is redirected after logging in with their Kakao Account and completing consent. The authorization code, which serves as proof that the user has delegated authority to Kakao, is also delivered to this address. For this reason, you must register the redirect URI in advance on Kakao Developers.

When the user selects [Agree and continue] on the Kakao Login screen, Kakao automatically redirects the user (browser) to the pre-registered redirect URI.

http://localhost:4000/redirect?code=abc123xyz

For example, in the above address, http://localhost:4000/redirect is the redirect URI registered on Kakao Developers, and the code value abc123xyz after /redirect? is the authorization code issued by the Kakao authorization server.

The authorization code proves that the login was successful, and the server can use this code to request an access token from Kakao.

Q. What are an authorization code and an access token?

When a user logs in with Kakao Login on a website or app, the following occurs in sequence:

  1. The user selects Kakao Login on a website.
  2. The Kakao-provided login page is displayed, and the user logs in with their Kakao Account.
  3. Kakao verifies the user with the entered ID and password.
  4. Kakao sends an authorization code to the site (redirect URI) as proof that the user is authenticated. The authorization code works like a temporary pass.
  5. The site forwards this temporary code to Kakao and requests permission (access token) to access the information the user allowed.
  6. Kakao validates this request and issues an access token. The access token works as a key that enables access to actual information or features.
  7. The site uses the access token to access information such as the user's profile picture, name, and email, or to send messages through Kakao.

In short, the authorization code is like a 'temporary pass' used to authenticate and request permission during login, and the access token is the 'key' that actually grants access to user information or features.

Instead of issuing the access token (key) immediately, Kakao first issues a short-lived authorization code (temporary pass) to enhance security. The authorization code is a one-time code valid only for a short duration, which helps minimize security risks.

For details, see Authorization and Token.
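The sequence above, seen from the site's side, as an added example that is not part of Kakao's documentation. The token endpoint URL, the token request parameter names and the state parameter do not appear on this page; they are assumptions taken from the standard OAuth 2.0 authorization code grant and should be checked against Kakao's REST API reference. All keys and codes are constructed placeholders.

```javascript
// Added example. Nothing here is sent over the network; it only builds and
// validates the messages exchanged in steps 1-5.
const AUTHORIZE_ENDPOINT = 'https://kauth.kakao.com/oauth/authorize'; // from this page's sample request
const TOKEN_ENDPOINT = 'https://kauth.kakao.com/oauth/token'; // assumption: not shown on this page

// Steps 1-2: the URL the browser is sent to. `state` (assumption, standard
// OAuth 2.0) must be an unpredictable per-login value kept in the user's session.
function buildAuthorizeUrl({ clientId, redirectUri, state, lang }) {
  const url = new URL(AUTHORIZE_ENDPOINT);
  url.searchParams.set('response_type', 'code');
  url.searchParams.set('client_id', clientId);
  url.searchParams.set('redirect_uri', redirectUri); // percent-encoded for us
  url.searchParams.set('state', state);
  if (lang) url.searchParams.set('lang', lang);
  return url.toString();
}

// Step 4: validate the request that arrives at the redirect URI before
// trusting the authorization code it carries.
function parseCallback(callbackUrl, { redirectUri, expectedState }) {
  const got = new URL(callbackUrl);
  const want = new URL(redirectUri);
  if (got.origin !== want.origin || got.pathname !== want.pathname) {
    throw new Error('callback did not arrive at the registered redirect URI');
  }
  const error = got.searchParams.get('error');
  if (error) throw new Error(`authorization failed: ${error}`);
  if (!expectedState || got.searchParams.get('state') !== expectedState) {
    throw new Error('state mismatch: callback does not belong to this session');
  }
  const code = got.searchParams.get('code');
  if (!code) throw new Error('no authorization code in callback');
  return code;
}

// Step 5: the server-to-server request that exchanges the one-time code for
// an access token. The redirect_uri must be the one used in step 1.
function buildTokenRequest({ clientId, redirectUri, code }) {
  const body = new URLSearchParams({
    grant_type: 'authorization_code',
    client_id: clientId,
    redirect_uri: redirectUri,
    code,
  });
  return {
    url: TOKEN_ENDPOINT,
    method: 'POST',
    headers: { 'Content-Type': 'application/x-www-form-urlencoded;charset=utf-8' },
    body: body.toString(),
  };
}

// Constructed walk-through using the redirect URI and code from the text above.
const demoConfig = { clientId: 'REST_API_KEY_PLACEHOLDER', redirectUri: 'http://localhost:4000/redirect' };
const demoCode = parseCallback('http://localhost:4000/redirect?code=abc123xyz&state=demo-state',
  { redirectUri: demoConfig.redirectUri, expectedState: 'demo-state' });
console.log(buildAuthorizeUrl({ ...demoConfig, state: 'demo-state', lang: 'en' }));
console.log(buildTokenRequest({ ...demoConfig, code: demoCode }).body);
```

Because the code is one-time and short-lived, the exchange in step 5 should happen immediately on the server, and the code should never be logged or stored.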

Q. Why is user consent required?

To retrieve user information through the Kakao API, user consent is required. This is Kakao’s process of requesting permission from the user for personal information protection and security. For example, even if a service such as a shopping mall or delivery app wants to know the user’s name or profile picture, Kakao does not provide the information unless the user consents.

Through this process, the user can review what information will be provided to the service and reject unnecessary information if desired.

Q. How can I obtain user consent?

A service can request user consent by classifying information as below depending on its necessity:

  • Required consent item: The user cannot log in to the service unless they consent.
  • Optional consent item: The user can log in without consenting and may choose not to provide the information.

The consent screen is provided by Kakao, so the service does not need to implement a separate UI. The consent screen is configured according to the consent items set by the service and is presented to the user as shown below. Services can configure consent items in [Kakao Login] > [Consent Items] of the App management page. For details, see Utilize and Prerequisites.

Consent screen

Q. What are the benefits of using Kakao Login?

Using Kakao Login offers advantages for both developers and users.

Service (developer)
  • Kakao handles the authentication process, so you do not need to build a login system yourself.
  • Provides a simple signup or login option for users who may abandon the service due to complicated registration.
  • Retrieves user-consented information (for example, name, email) easily through the API.
  • Integration works consistently across mobile and web, improving development efficiency.
  • You can extend usage with various features provided by the Kakao API platform, such as friends list and message sending.
User
  • Logs in easily with a single Kakao Account without a separate registration process.
  • Faster and more convenient login by using a frequently used Kakao Account.
  • Clear consent process ensures safe use of services.

Q. What is a session?

By default, websites do not remember users. Therefore, to temporarily store login information, services use a session, which is a temporary space in the web browser. A session works as a storage box for keys, allowing retrieval when needed.

This enables:

  • Users to stay logged in without entering credentials repeatedly.
  • Services to remember users even if the browser is refreshed or navigated to another page.

When the user logs out of the service, both the access token (key) and the session (key storage) are deleted within the service. However, the Kakao Account login session itself remains valid. Therefore, when the user selects the login button again, they may skip the Kakao Login page and be logged in immediately.

To expire the Kakao Account session together upon logout, use Logout of service and Kakao Account. (See: Differences by logout method)

While implementing Kakao Login

An error message appears while implementing login.

When an error occurs, you can figure out its cause through the error message in the response.

Errors that commonly occur when calling an API consist of an error code and an error message. You can look up the error type in each reference guide. If you encounter an error during the Kakao Login process, refer to Kakao Login > Troubleshooting.

"Invalid redirect" error occurs.

The "Invalid redirect" error often occurs when you first implement Kakao Login and request to receive an authorization code.

...error="invalid_grant", error_description="Invalid redirect:...

This error occurs when the Redirect URI set in [Kakao Login] > [General] > [Redirect URI] on the app management page does not match the redirect_uri used to request an authorization code. You must register the Redirect URI used to get an authorization code before calling this API. If you have already registered it, check that the registered Redirect URI is exactly the same as the redirect_uri returned in the error message.
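One way to find out why two redirect URIs that look alike are not exactly the same, as an added example that is not part of Kakao's documentation. The function name and the sample URIs are constructed for illustration; the check is a plain string comparison followed by a component-by-component diff against the closest registered URI.

```javascript
// Added example: explain an "Invalid redirect" mismatch locally by comparing
// the redirect_uri from the request with the URIs registered for the app.
function componentDiffs(req, reg) {
  const diffs = [];
  if (req.protocol !== reg.protocol) diffs.push('scheme');
  if (req.hostname !== reg.hostname) diffs.push('host');
  if (req.port !== reg.port) diffs.push('port');
  if (req.pathname !== reg.pathname) {
    const strip = (p) => p.replace(/\/+$/, '');
    diffs.push(strip(req.pathname) === strip(reg.pathname) ? 'trailing slash' : 'path');
  }
  if (req.search !== reg.search) diffs.push('query');
  if (req.hash !== reg.hash) diffs.push('fragment');
  return diffs;
}

function diagnoseRedirectUri(requested, registered) {
  // Exact string equality is the only passing case.
  if (registered.includes(requested)) {
    return { match: true, closest: requested, differences: [] };
  }
  let req;
  try {
    req = new URL(requested);
  } catch {
    return { match: false, closest: null, differences: ['not an absolute URI'] };
  }
  let best = { match: false, closest: null, differences: ['no registered redirect URI'] };
  let bestCount = Infinity;
  for (const candidate of registered) {
    let diffs;
    try {
      diffs = componentDiffs(req, new URL(candidate));
    } catch {
      continue; // skip unparsable entries in the registered list
    }
    // Same components after URL normalization, yet the strings differ.
    if (diffs.length === 0) diffs = ['spelling only (letter case, default port or encoding)'];
    if (diffs.length < bestCount) {
      bestCount = diffs.length;
      best = { match: false, closest: candidate, differences: diffs };
    }
  }
  return best;
}

// Constructed sample: a trailing slash is enough to cause the error.
console.log(diagnoseRedirectUri('http://localhost:4000/redirect/', [
  'https://example.com/oauth',
  'http://localhost:4000/redirect',
]));
```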

A specific consent item is not displayed on the Consent screen.

Even if you set a specific consent item to [Required consent], if the user does not have the information, the consent item will not be displayed on the consent screen.

In this case, set the Provision after collecting information through Kakao Account option for the corresponding consent item. The 'Provision after collecting information' option allows you to collect information from users and receive consent on the consent screen if the user does not have the information for the corresponding consent item during Kakao Login. Note that the 'Provision after collecting information' option cannot be used for phone numbers.

If user information input is required according to the 'Provision after collecting information' option, the user goes through an additional information input step before moving to the Kakao Login consent screen. Below is an example of the screen that appears during the additional information input step.

Provision after collecting information screen

How can I handle changes to Kakao Account user information?

Except for the ID issued to each user and the CI used as authentication information, all user information is subject to change at any time. To stay up to date with the latest information, call the Retrieving user information API when the user logs in.

Can I get user information set as 'Optional consent' item during the use of service?

Yes. You can use the Request additional consent feature. Even if the user did not agree to provide information during Simple Signup because it was set as an optional item, you can ask the user again for consent to provide the information when they try to use a feature that requires that information. However, if the user refuses to provide the information even after the additional consent request, you must not provide that feature.

What are the types of user information that Kakao Login and Kakao Sync provide?

See User information to check all types of the user information that Kakao provides. Below are the conditions for providing user information.

  1. You must set consent items for each user information.
  2. Users must consent to the set consent items.

Can I use the Provision after collecting information option for phone numbers?

No. The Provision after collecting information option is not applicable for the 'Kakao account (phone number)' scope. Kakao gets a user's phone number saved in Kakao Talk linked to the user's Kakao Account. Thus, if a user does not use Kakao Talk, Kakao cannot get the user's phone number even though 'Kakao account (phone number)' is set to 'Required consent' item. In this case, you must collect a phone number separately in your service if phone numbers are required.

If there are users with empty phone number values even though the phone number is set as a required consent item, it means that those users do not use Kakao Talk and Kakao cannot provide their phone numbers. In this case, you must collect and store phone numbers separately in your service.

I cannot activate the Simple Signup function on the app management page.

The Simple Signup function is available only after your app passes the Kakao Sync review. To see more detailed conditions, see Set Simple Signup > Conditions.

Can I set the language applied to Consent screen?

A user's web browser language preference applies to the language displayed on the Kakao Login page and Consent screen.

If you want to specify a particular language for the Consent screen, pass the lang parameter when requesting an authorization code.

Supported languages

The supported languages for the Consent screen are as follows:

Language | Value
Korean | ko
English | en
Japanese | ja
Simplified Chinese characters | zh

Sample Request for displaying English version

https://kauth.kakao.com/oauth/authorize?response_type=code&client_id=${REST_API_KEY}&redirect_uri=${REDIRECT_URI}&lang=en

After implementing Kakao Login

"API limit has been exceeded." error occurs.

Kakao Open API provides a certain amount of free usage per month. When the usage limit (quota) is exceeded, an error occurs and the API can no longer be used. To check the usage limit set for each API, refer to Quota.

If you want to increase the usage limit, request consultation or partnership through DevTalk with the target app and reason. For Kakao Map API quota increases, check the announcement first. Kakao reviews the request and can establish a partnership or temporarily adjust the usage limit range.

When tapping the Kakao login button, the Login screen to input Kakao Account information appears instead of Kakao Talk.

Tapping the Kakao Login button is supposed to launch the Kakao Talk app so that the user can log in through Kakao Talk. If the Login screen to input Kakao Account information appears instead, check whether you have specified the Auth Type. Kakao Login works differently depending on the specified Auth Type, and users can log in with the following information:

  • All available authentication methods
  • Kakao Account and password
  • Kakao Talk user information

When using a REST API, users can log in with their Kakao Accounts and passwords only. On the other hand, the Kakao SDKs provide the following options:

Platform | Parameter | Description
JavaScript | throughTalk | Whether to use Kakao Talk Simple Login (Boolean).

These options are provided to allow you to specify authentication types according to service situations. The SDK has constants predefined for each option, so no separate specification is required.

The Consent screen does not appear.

If a user has already agreed by clicking [Accept and Continue] on the Consent screen, the authorization code is issued without displaying the Consent screen. The Consent screen appears the first time a user links with an app. To display the Consent screen again, unlink the user from the app and then request an authorization code.

I am not returned to the service page or app after logging in through Kakao Talk.

If a user logs in with Kakao Talk on the mobile web but is not redirected to your service page or app, this is normal behavior. According to smartphone OS policy, an app is not allowed to launch other apps arbitrarily. Thus, on the login page you need to guide users to go back to your service web page themselves after logging in. If the users are logged in when they go back to your service page, login has worked normally.

The login flow on Kakao Talk also shows guidance text to help users understand this process.

Login is not completed after creating an account and attempting to re-login.

In the case of a web browser, to figure out whether the user has signed up successfully, check the following:

  1. Check if the logged-in user's information is successfully stored in your service's member database.
  2. Retrieve the user information using the user's Service user ID (user_id) passed when the user is logged in.

For native apps, Kakao login authentication information is managed as tokens. There are two types of tokens: an access token used to authenticate a user and a refresh token used to refresh the access token when it expires. Users can log in using the issued access token or refresh token until the tokens expire, as long as they have not logged out. Users do not need to verify user information with Kakao Talk or Kakao Account again during the token validity period.

  • User has not logged out
  • Within token validity period

Even though the above two conditions are met, if re-login using tokens is not possible, check the following:

  • Check if the token is valid. If the token is not valid, revoke the token and let users log in again. If valid, go to the next step.
  • If the token is valid but you cannot log in normally, check the login process in the service. The signup process may not be completed or information may not have been updated normally.
  • If login fails due to an error that occurs during the authentication process, figure out its cause by referring to the error message.

I cannot log out.

If using a REST API, check the token information used to request logout.

In the case of the Kakao SDK, when you request logout, the SDK deletes your token and cookie, and you are logged out regardless of the result of the logout function. Thus, if you cannot log out, the failure may be caused by other issues not related to the Logout API operation.

Can I log out of all devices I am logged in on at once?

This feature is not currently available. Kakao Account supports the multi-device feature, which means that you can log in with Kakao Account on multiple devices. Thus, if you request to log out, you are logged out only of the device that you are currently using, and you remain logged in on the other devices.

When attempting to re-login after logout, I am logged in with the previous account.

This phenomenon occurs when the logout process has not been completed properly or when cookies are still stored in the web browser. When using the iOS or Android SDK, if logout is completed successfully, both tokens and cookies are deleted. When using the REST API, only the access token and refresh token are revoked, and Kakao Account cookies still remain. In this case, you may be logged in with the previous account when you try to authenticate again. Thus, delete the cookie on the web browser, and then retry login.

Does a service user ID change when logging in again after logout?

No. The service user ID (user id) issued to each service user is a unique value and does not change even when you log out or withdraw from the service.

However, apps created before September 19, 2018 may be configured to change the user ID when reconnecting after unlinking. In this case, you can prevent the user ID from changing by enabling [User ID Fixed] in [Kakao Login] > [Advanced] on the app management page.

When retrieving user information, some scope is empty.

Even when a user has agreed to provide user information through the Simple Signup process, a specific scope (user information) may be empty. That is because the user has never entered the information while using the Kakao service. In this case, you can use the Provision after collecting information through Kakao Account option in [Kakao Login] > [Consent items] on the app management page. Then, Kakao collects the required user information from the user and provides it to your service.

If the Provision after collecting information option is disabled and some user information required for a service is missing, the user is required to input the information when attempting to log in later. Then, update the user information with what the user enters.

However, if a user refuses to provide information to Kakao, the item is empty even though you enable this option, because Kakao does not retain the information. If the information is required to use your service, you must ask the user to input the information directly while using the service or allow the user to cancel the signup.

Why can I not retrieve specific user information with the 'Provision after collecting information through Kakao Account' option ON?

If the user has already agreed to provide the personal information to a third party before enabling this option, Kakao does not collect the user information even though the service requests consent again. Kakao can collect information after a user unlinks from the service and then re-logs in with Kakao Account.

I cannot retrieve the required user information through the Retrieving user information API.

Cause
  • Consent item not set or consent not obtained
    • If the corresponding information (e.g., email, shipping address, etc.) is not set to [Required consent] or [Optional consent] in the app's consent items settings, the information will not be provided.
    • The value may also be empty if the user does not agree to the item on the consent screen during login.
  • Information not available in Kakao
    • If the user has never entered the corresponding information while using Kakao services, the value may be empty regardless of consent status. For example, even if the email consent item is set to [Required consent], if the user has not registered an email in their Kakao account, the email value will not be provided.
  • Provision after collecting information through Kakao Account option not enabled
  • User refusal
    • Items that the user has refused to provide are not held by Kakao either, so the corresponding values are returned as empty.
Solution

If you cannot retrieve the required user information through the Retrieving user information API, check the following:

  1. Check if the consent items corresponding to the user information you could not retrieve are set
    • The user information can only be provided if the corresponding consent item is set to [Required consent] or [Optional consent] in the app
    • For information essential to the service, set it as a [Required consent] consent item and use the Provision after collecting information through Kakao Account option
  2. Check the User consent for information provision value in the Retrieving user information API response
    • If the xxx_needs_agreement value is true, you can obtain it by getting user consent through Request additional consent and then requesting the Retrieving user information API again

Is there any way to know which personal information a user has agreed to provide?

Yes. You can check which consent items are set in your app and which consent items the user has agreed to using the Retrieving consent details API.

You can also check through the Retrieving user information API response. You can check the information the user has agreed to provide and the User consent for information provision to see which items require additional consent.

Even though I set 'email' to 'Required consent' item, some users' email values are empty.

If you need a user's email information but cannot retrieve it, check the following:

  1. Check if you have enabled 'email' in the 'Consent items' menu. You must set it to 'Required consent' or 'Optional consent' to get users' email information.
  2. Check if 'email' is included in the Consent screen that appears when logging in with Kakao. If 'email' is not enabled in the Consent items or a user has not saved email information, the email item is not displayed on the Consent screen.
  3. Check if the user's account has the email information. If the value of email_needs_agreement is true, the user has email information. In this case, request email information again after requesting additional consent.

If your service must receive the user's email information, set 'email' to a required scope and enable provision after collecting information. After setting, request additional consent, and retrieve user information again. However, if this method is not available, you must collect the user's email information through your own process.

No shipping address information in the response.

When calling the shipping address query API or Retrieving user information API using REST API or JavaScript SDK, the shipping_addresses field containing detailed shipping address information may not be included in the successful response.

{
  "user_id": 12345,
  "shipping_addresses_needs_agreement": true
}
Cause
  • The user's consent is required to provide shipping address information, but the user has not agreed to the [Shipping address information] consent item
  • The user has agreed to provide shipping address information, but no shipping address information exists
  • The selected shipping address ID is invalid
Solution

Check the value of the shipping_addresses_needs_agreement field and take action as follows:

  • true: If the user has not agreed to the [Shipping address information] consent item, obtain user consent through determining whether user consent is required and requesting additional consent, then retry the request.
  • false: If detailed shipping address information cannot be provided.
    • If the shipping address ID is invalid: Obtain the correct shipping address ID through the shipping address selection API and retry the request.
    • If the user has agreed to provide shipping address information but no shipping address information exists and cannot be provided, the service must directly collect the shipping address from the user.
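The checks described for email_needs_agreement and shipping_addresses_needs_agreement, combined into one decision function, as an added example that is not part of Kakao's documentation. It assumes the flat response shape of the sample above; the function name, the output keys and the sample responses are constructed, and a real response may nest these fields differently.

```javascript
// Added example: decide, per wanted field, what the service should do next.
// `declined` holds fields for which the user already refused an additional
// consent request; per this FAQ, the dependent feature must then not be offered.
function triageUserInfo(response, wanted, declined = new Set()) {
  const plan = {
    available: {},                // value present: use it
    requestAdditionalConsent: [], // xxx_needs_agreement is true: ask, then retry
    collectInService: [],         // consent is not the problem, Kakao has no value
    featureUnavailable: [],       // user refused the additional consent request
  };
  for (const field of wanted) {
    const value = response[field];
    const empty = value == null || value === '' ||
      (Array.isArray(value) && value.length === 0);
    if (!empty) {
      plan.available[field] = value;
    } else if (response[`${field}_needs_agreement`] === true) {
      // Strict comparison: only a literal boolean true triggers a consent request.
      if (declined.has(field)) plan.featureUnavailable.push(field);
      else plan.requestAdditionalConsent.push(field);
    } else {
      plan.collectInService.push(field);
    }
  }
  return plan;
}

// Constructed sample responses.
const needsConsent = { user_id: 12345, shipping_addresses_needs_agreement: true };
const nothingStored = {
  user_id: 12345,
  email_needs_agreement: false,
  shipping_addresses_needs_agreement: false,
  shipping_addresses: [],
};

console.log(triageUserInfo(needsConsent, ['shipping_addresses']));
console.log(triageUserInfo(nothingStored, ['email', 'shipping_addresses']));
```

Passing only the fields a feature actually needs in `wanted` keeps additional consent requests limited to that information.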