thirdweb API: Improved Social Authentication

New GET /v1/auth/social endpoint for simplified OAuth - replaces deprecated OAuth in /v1/auth/initiate

Firekeeper

23 Aug 2025 • 1 min read

Added

New Social Auth Endpoint: Introduced GET /v1/auth/social for simplified OAuth authentication
- Single-step OAuth flow with automatic redirect handling
- Supports all 12 OAuth providers: Google, Apple, Facebook, Discord, GitHub, X, Coinbase, Farcaster, Telegram, LINE, Twitch, Steam

Complete documentation with callback examples and JWT extraction guide

Deprecated

OAuth via /auth/initiate: The OAuth method in /v1/auth/initiate is now deprecated
- Still functional but will show deprecation warnings
- Please migrate to the new /v1/auth/social endpoint

Migration Guide

Before (Deprecated):

// Old OAuth initiation
POST /v1/auth/initiate
{
  "method": "oauth",
  "provider": "google", 
  "redirectUrl": "https://myapp.com/callback"
}
// Handle the rest yourself

After (Recommended):

// New simplified OAuth - just redirect user to:
GET /v1/auth/social?provider=google&redirectUrl=https://myapp.com/callback

Callback Handling:

// Extract the JWT token in your callback
const urlParams = new URLSearchParams(window.location.search);
const authResultString = urlParams.get('authResult');
const authResult = JSON.parse(authResultString!);

// Extract the JWT token
const token = authResult.storedToken.cookieString;

// Verify and use the JWT token
fetch('/v1/wallets/me', {
  headers: { 
    'Authorization': 'Bearer ' + jwtToken,
    'x-secret-key': 'your-secret-key'
  }
});

Benefits of Migration

Simpler Integration: One-step OAuth flow instead of separate POST + redirecting yourself
Better Documentation: Clear (and AI-friendly) callback handling examples and JWT extraction
Consistent API: Follows standard OAuth redirect patterns
Future-Proof: The new endpoint will receive ongoing support and improvements