Integrating with third party sign in systems

Third party sign in systems can be supported by implementing a custom grant type.
Refer to the grant token end point for detail of how the existing grant methods work.

Contribly and the 3rd party need to a agree a method for validating and authenticating a 3rd party user.
This might be an encoded cookie value or a token with can be verified with a callback to an API provided by the 3rd party.

The value needs to be in a secure format. It should not be possible to predict what it might be for a given user.
ie. The third party username or user id would not be suitable.

Once the means of identitifing the third party use is agreeded Contribly will implement a custom grant type in the Contribly API.

Rather than using the standard anonymous, password or facebook grant types to obtain Contribly access tokens, this new grant type will be used.

When granting an access token to a new third party user, Contribly creates a linked shadow user linked to that third party user.
Any contributions made using that access token can then be linked to the third party user.