페이지 이동경로
  • Docs>
  • Kakao Sync>
  • Auto-login from Kakao Talk

Kakao Sync

Auto-login from Kakao Talk

The Auto-login from Kakao Talk (Auto-login, for short) is an extended feature of Kakao Login, which allows you to show a different page depending on the response. This feature allows for a more efficient and convenient service for users according to their signup status when accessing your service page in the Kakao Talk in-app browser.

Example that shows the Auto-login feature

The Auto-login process is broken down into three steps.

Step 1. Check for which browser the service page is being accessed on

This feature only works through the Kakao Talk in-app browser. To check if the user access the page through the Kakao Talk in-app browser, check if KAKAOTALK is included in UserAgent.

UserAgent
Browser Rule Description
Kakao Talk in-app browser KAKAOTALK Mozilla/5.0 (Android; Mobile; rv:13.0) Gecko/13.0 Firefox/13.0 KAKAOTALK
Step 2. Request authorization code for auto-login

After checking that the user browser is the Kakao Talk in-app browser, add the prompt parameter to the request of Getting authorization code API and set it to "none".

Refer to the following developement guides to see how to request in detail:

Step 3. Present different pages according to the response

If the request is successful, check its response to figure out whether the user has signed up or not. Then, present different pages according to the user's signup status.

For users who have signed up

If a user has signed up, an authorization code is issued. Thus, the user does not go through the login process of inputting the user's ID and password. In this case, request tokens using the issued authorization code to complete the login process, and then present your service page to a user in a logged-in state.

For users who have not signed up

If a user has not signed up, the user cannot complete the login. In this case, the error response is returned with consent_required, indicating that the user's consent is required to use a service. Thus, you must present a service page to the user in a logged-out status.

Here is a sequence diagram showing the Auto-login process.

Auto-login flow

Here is one of the Auto-login scenarios. As an example, let's see a product page that is commonly shared through Kakao Talk.

  • See the browser information to check if the user accessed the page through the Kakao Talk in-app browser.
  • If the user has accessed the page through the Kakao Talk in-app browser, add prompt=none in the login request.
  • If the user has signed up through Kakao Sync, you will get an authorization code and show a product description page in a logged-in state. In this case, users do not need to log in to buy the product on the page.
  • If the user has not signed up, an error returns. In this case, show the user the product page in a logged-out state. If the user wants to log in to make a purchase, prompt the user to log in, not using the Auto-login feature.

Web

After checking that the user browser is the Kakao Talk in-app browser, request an authorization code using a REST API. To use the Auto-login feature, you must add prompt=none in the request. If not, general Kakao Login proceeds instead of the Auto-login.

You can get the authorization code through redirect_uri that the Kakao authorization server passes to as the query string.

If a user has signed up with the Kakao Account through Kakao Sync, only the authorization code is returned in the response. In this case, show the user your service page in a logged-in state after requesting an access token and a refresh token with the authorization code.

On the other hand, if a user has not signed up yet, an error is returned. In this case, show the user your service page in a logged-out state. You also need to implement the login process without Auto-login when a user takes an action that requires login or signup.

Request
URL
GET /oauth/authorize?client_id=${REST_API_KEY}&redirect_uri=${REDIRECT_URI}&response_type=code&prompt=none HTTP/1.1
Host: kauth.kakao.com
Parameter
Name Type Description Required
client_id String REST API key that Kakao issues when you create an app. You can check Your REST API key in [My Application] > [App Keys]. O
redirect_uri String Callback URL that the authorization code is redirected to. O
response_type String Fixed as code. O
prompt String Used to request reauthentication by selecting whether to present an interactive UI.
To see more information and error types related to this parameter, refer to Get authorization code.
To use the Auto-login feature, set to none and pass it when requesting an authorization code.
O
state String Parameter to strengthen security.
Random string generated by your app to keep the state between the request and callback.
It is recommended to use this parameter to protect from Cross-Site Request Forgery(CSRF).
X
Response
Name Type Description Required
code String authorization_code that returns if your request succeeds. O
state String If this parameter is included in the request, the same value as the request must be returned. X
error String Error code that is returned if your request fails. X
error_description String Error message that is returned if your request fails. X
Sample
Response: Success
HTTP/1.1 302 Found
Content-Length: 0
Location: ${REDIRECT_URI}?code=${AUTHORIZATION_CODE}
Response: Fail, if user has not signed up through Kakao Sync
HTTP/1.1 302 Found
Content-Length: 0
Location: ${REDIRECT_URI}?error=consent_required&error_description=user%20consent%20required.

Legacy Android

For Auto-login, add auto_login to extraParams, and set it to true. The auto_login parameter should be Map type, and use the constants only supported by com.kakao.auth.StringSet as values.

Set AuthType to KAKAO_TALK_ONLY because Auto-login only works from the Kakao Talk in-app browser.

If a user successfully logs in, the user is redirected to a service page in a logged-in state.

import com.kakao.auth.StringSet;

public class SampleLoginActivity extends BaseActivity {
    private SessionCallback callback;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_sample_login);

        callback = new SessionCallback();
        Session.getCurrentSession().addCallback(callback); // Add callback

        Map<String, String> extraParams = new HashMap<>();
        extraParams.put(StringSet.auto_login, "true");

        Session.getCurrentSession().open(AuthType.KAKAO_TALK_ONLY, this, extraParams); // Pass KAKAO_TALK_ONLY as a parameter. Otherwise, the webView login is executed if Kakao Talk has not installed.  
    }

    @Override
    protected void onActivityResult(int requestCode, int resultCode, Intent data) {
        if (Session.getCurrentSession().handleActivityResult(requestCode, resultCode, data)) {
            return;
        }

        super.onActivityResult(requestCode, resultCode, data);
    }

    @Override
    protected void onDestroy() {
        super.onDestroy();
        Session.getCurrentSession().removeCallback(callback); // Remove callback
    }

    private class SessionCallback implements ISessionCallback {

        @Override
        public void onSessionOpened() {
            // Login success
        }

        @Override
        public void onSessionOpenFailed(KakaoException exception) {
            // Login fail
        }
    }
}

Legacy iOS

To use the Auto-login feature, you need to call canOpenURL that checks if Kakao Talk has been installed, and set authType to KOAuthType.talk. After that, pass KOSessionAutoLoginParameterKey as parameters.

// Check if Kakao Talk has been installed
if UIApplication.shared.canOpenURL(URL(string: "kakaokompassauth://")!) {

    // For Auto-login, add `KOSessionAutoLoginParameterKey`
    let parameters = [KOSessionAutoLoginParameterKey: "true"]

    // Simple login without a dialog to choose a login method 
    let authTypes = [NSNumber(value: KOAuthType.talk.rawValue)]

    // Proceed login
    KOSession.shared()?.open(completionHandler: { (error) in

        if error != nil {
            // Change to a logged-in state

        } else {
            // If login fails or other error occurs, Auto-login is not available.
        }

    }, parameters: parameters, authTypes: authTypes)

} else {
    // If Kakao Talk has not been installed, Auto-login is not available.
}

Considering the Auto-login is only available in the Kakao Talk in-app browser, you need to handle an error exception by showing the user the service page in a logged-out state if Kakao Talk has not been installed on the user's device. There is also the error exception that a user has not yet signed up for KaKao Talk. In this situation, you need to handle the expectation as you would a logged-out state.

See more

Web

Android

iOS