Social Signup

Registers a new user through a social login provider (GitHub, Google, Apple, or Microsoft).

Endpoint

POST /api/v1/auth/oauth/signup

Headers

| Header | Required | Description |
|---|---|---|
| Content-Type | Yes | application/json |

Request Body

{
  "provider": "github",
  "code": "authorization_code_from_provider",
  "agree_to_terms": true,
  "terms_version": "1.0"
}

Parameters

| Field | Type | Required | Description |
|---|---|---|---|
| provider | string | Yes | OAuth provider: "github", "google", "apple", "microsoft" |
| code | string | Yes | Authorization code from OAuth provider |
| agree_to_terms | boolean | No | Terms acceptance (default: true) |
| terms_version | string | No | Terms version (default: "1.0") |

Validations

  • Provider validation
  • Authorization code validation
  • Terms acceptance (optional)
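
The checks listed above, as an added Python sketch that is not RiverGen's own code. The field names, defaults and the 422 / VALIDATION_ERROR pair come from this page; the function name, the exception class and the length bound are assumptions.

```python
# Added example: not RiverGen's implementation. Field names, defaults and the
# 422 / VALIDATION_ERROR pair come from the page; everything else is assumed.
ALLOWED_PROVIDERS = {"github", "google", "apple", "microsoft"}
MAX_CODE_LEN = 2048  # assumption: upper bound to reject oversized input


class SignupValidationError(Exception):
    status = 422
    code = "VALIDATION_ERROR"

    def __init__(self, field, detail):
        super().__init__(f"{field}: {detail}")
        self.field = field
        self.detail = detail


def validate_signup_request(body):
    """Return a normalized copy of the request body or raise SignupValidationError."""
    if not isinstance(body, dict):
        raise SignupValidationError("body", "must be a JSON object")

    provider = body.get("provider")
    # Exact-match allowlist: no case folding or trimming, so "GitHub" or
    # "github " never reaches the code that picks a provider token endpoint.
    if not isinstance(provider, str) or provider not in ALLOWED_PROVIDERS:
        raise SignupValidationError("provider", "unsupported provider")

    code = body.get("code")
    if not isinstance(code, str) or not code or len(code) > MAX_CODE_LEN:
        raise SignupValidationError("code", "missing or malformed")
    # Whitespace and control characters have no place in an authorization code
    # and would otherwise flow into the outbound provider request and logs.
    if any(ch.isspace() or not ch.isprintable() for ch in code):
        raise SignupValidationError("code", "missing or malformed")

    agree = body.get("agree_to_terms", True)      # documented default
    # JSON true/false only: reject "true", 1 or null instead of coercing.
    if not isinstance(agree, bool):
        raise SignupValidationError("agree_to_terms", "must be boolean")

    version = body.get("terms_version", "1.0")    # documented default
    if not isinstance(version, str) or not version:
        raise SignupValidationError("terms_version", "must be a non-empty string")

    return {"provider": provider, "code": code,
            "agree_to_terms": agree, "terms_version": version}
```

Running validation before the code exchange keeps malformed input out of the outbound provider request and out of the audit log.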

Response

Success (201)

{
  "success": true,
  "data": {
    "access_token": "eyJhbGciOiJIUzI1NiIs...",
    "refresh_token": "eyJhbGciOiJIUzI1NiIs...",
    "token_type": "bearer",
    "expires_in": 3600,
    "user_id": 123,
    "email": "user@example.com",
    "display_name": "John Doe",
    "is_new_user": true,
    "provider": "github",
    "message": "GitHub signup successful"
  },
  "message": "GitHub signup successful"
}

Error Codes

| Status | Code | Description |
|---|---|---|
| 400 | SOCIAL_SIGNUP_FAILED | Signup failed |
| 422 | VALIDATION_ERROR | Request validation failed |

Data Flow

  1. Code Exchange
    • Exchange authorization code for access token
    • Request to OAuth provider
  2. User Information Retrieval
    • Get user profile from provider
    • Extract email, name, avatar
  3. User Creation
    • Create new user account
    • Store provider information
    • Create personal organization
    • Create default workspace
    • Create default roles
  4. SSO Session Creation
    • Create SsoSession record
    • Link to AuthProvider
  5. Token Generation
    • Generate OAuth2 tokens
    • Bypass MFA (provider authenticates)
  6. Audit Logging
    • Log social signup event

Features

  • Exchanges authorization code for access token
  • Retrieves user information from OAuth provider
  • Creates new user account with social profile
  • Creates personal organization and workspace
  • Returns OAuth2 tokens (access + refresh)
  • Bypasses MFA (social providers already authenticate the user)
  • Audit logging
  • Session management

Example

curl -X POST https://api.rivergen.com/api/v1/auth/oauth/signup \
  -H "Content-Type: application/json" \
  -d '{
    "provider": "github",
    "code": "authorization_code_abc123",
    "agree_to_terms": true,
    "terms_version": "1.0"
  }'