With Google & Facebook single sign-on (SSO), users can securely access applications using their credentials; the 'Sign in with Apple' feature also provides this functionality via Apple ID. Brands using Olo’s white-label front end can allow customers to use their Google, Apple ID, or Facebook logins to create an account and order online. Follow the steps below to set this up and then reach out to your Customer Success Manager to get everything activated.
These features are also supported by our API, so brands using custom front ends can leverage this as well. If the guest login page is not hosted by Olo, reach out to your OAuth or loyalty provider about adding Google, Apple, or Facebook SSO.
NOTE: If you use an Olo or custom mobile app and enable Facebook and/or Google SSO, it is a requirement to enable 'Sign in with Apple' as well.
Configuration in Google
- Visit https://console.developers.google.com
- Click Create Project and submit a descriptive Project Name
- From the Manage Resources Page or Notifications Drop Down select your new project
- From the Getting Started panel select Explore and Enable APIs
- From APIs and Services select Oauth Consent Screen
- Select External and click Create
- Enter in the app name, user support email, and a logo
- Enter your domain in the authorized domains section
- Finally, enter your developer contact information and click save
- On the next screen enable any scopes you may want and click save
- Add any test users you want on this screen and click save
- On the left click Credentials
- Click +Create Credentials at the top of the screen and choose OAuth client ID
- Under Application Type select Web application
- Add Name “INSERT BRAND NAME”
- Under Authorized Redirect URLs enter:
- Click Create
- Provide Olo with the Client ID and Client Secret from the box that pops up
Configuration in Apple
- Create an App ID
- Note: If you have an Olo app, skip this step as we already have this information.
- Create a Services ID associated with the App ID. Ensure ‘Sign in with Apple ID’ is enabled and configured with the following:
- Desktop example: brandname.olo.com, order.brandname.com
- Mobile Web: brandname.olo.express
- Olo App and/or API: api.olo.com
- Return URLs
- Desktop: https://brandname.olo.com/user/oauthcallback, https://order.brandname.com/user/oauthcallback
- Mobile Web: https://brandname.olo.express/account/oauthcallback
- Olo App and/or API: https://ordering.api.olo.com/v1.1/externalauth/appleid/callback
- Create and download a key here.
- Note: Key file can only be downloaded at the time it is created so be sure not to lose it!
Send Olo the Following Information
- Download the Key you created in the previous step.
- This should be the text in the .p8 file found between the “-----BEGIN PRIVATE KEY-----” and “-----END PRIVATE KEY-----”. All characters should be copied, including the line breaks.
- Download the Key ID using the Download button.
- Team ID: When logged into apple.com, you can find the Team ID in the upper right-hand corner.
- Client ID: This is the identifier of the Services ID you configured above
Configuration in Olo
Olo will need to configure Apple as a new login provider using the above credentials. Once completed, you will need to follow the testing instructions below.
When using Apple ID to sign in, guests may choose to keep their email address private, in which case Apple uses a unique proxy email address. Email relay configuration must be completed for these proxy email addresses to function properly.
- Create and confirm the domain you would like Olo to send the confirmation emails from, instead of firstname.lastname@example.org and send to Olo.
- Olo will verify and provide CNAME records to be added to your DNS
- Once the domain is verified in Olo and DNS has been updated, enter the ‘Sign in with Apple’ address into the Apple Developer Console for ‘Sign in with Apple’ configuration
- Test email configuration
- Olo will need the following information to test the email relay configuration
- ‘From’ email address (address from which the email will be sent)
- Target proxy email address (to which the email will be sent)
- Email template
- Olo will send a series of test emails that you will need to confirm receipt of
- Test the ‘Sign In with Apple’ flow:
- Click the Login button displayed on the login page, with a link to sign in using an Apple ID
- Clicking Apple ID Login will take you to the sign-in page
- Guest can enter their Apple ID and password. If the guest has two-factor authentication enabled, they will be sent a verification code they will need to enter.
- Upon verification, they will be given the option to share their email or keep it private. If the guest chooses to keep their email private, then a proxy email address unique to the guest + your brand will be used by Apple.
Configuration in Facebook
- Visit https://developers.facebook.com/
- Choose an existing app or click My Apps > Create App
- Click > Build Connected Experiences
- Type in the name of the brand (e.g., shake shack)
- Enter the contact email
- Select Business Manager Account if desired
- Select Create App
- Prove you’re not a bot
- Click Settings then Basic
- Add URLs (e.g., https://shakeshack.olo.com and https://shakeshack.olo.express)
- Click Dashboard and scroll down to Add Products > Facebook Login > Setup > Settings
- Under section Client OAuth Settings
- Set Client OAuth Login to Yes and uncheck all others that can be.
- Under Valid OAuth redirect URIs add:
- Click App Review and make the application public.
- Click Settings > Basic and grab the App ID and App Secret
- Provide Olo with both the App ID and App Secret