Skip to main content

Glossary

It is important to take the time to familiarize yourself with the essential terminology that is commonly used within the LoginRadius ecosystem. Understanding these key terms will not only enhance your knowledge but also aid you in navigating effectively through the various features and functionalities offered by LoginRadius. By developing a solid grasp of this terminology, you will be better equipped to engage with the platform and leverage its full potential to meet your needs.

A

Access Token

An access token is a unique key generated by LoginRadius upon successful authentication. It is specific to each authenticated user and changes every time they log in. It retrieves the user's profile data and performs authorized actions through the LoginRadius API. For more details, see our Tokens Documentation.

Access Token Life

The lifespan of an access token determines how long it remains valid before expiring. The default lifetime is 15 minutes.

Account Linking

Account linking enables users to connect multiple social provider accounts into a unified profile. For more details, see our Account Linking Documentation.

API (Application Programming Interface)

An API is a set of protocols and tools for building software applications. It defines interactions between software components, including available functions, inputs, and expected outputs. For more details, see our API Documentation.

API Key & Secret

Each application generates a unique pair of credentials to authenticate API requests. The API Key is public, while the API Secret must be confidential. For more details, see the Tenant Management document.

C

Callback

A callback is a function passed as an argument to another function, which is executed later when the operation completes.

Callback URL

An endpoint where users are redirected after authentication, carrying data like access tokens or user details for further processing.

Client GUID

A Client GUID is a unique identifier for a login session when using the NoCallback feature. It helps track login status via the Ping API when LoginRadius V2.js handles social login.

Custom Fields

Custom fields allow developers to add additional attributes to user profiles that are not part of the default LoginRadius schema. These can be configured via the LoginRadius Admin Console.

Custom Objects

A schema-less data structure is attached to user accounts and is used for storing complex and dynamic data. For more details, see our Custom Object Overview.

Custom Scope

Custom scope settings allow applications to request specific user permissions dynamically. For example, an app can request read permissions and later ask for write permissions when needed.

D

Data Points

Normalized data is collected through social providers or traditional forms. For more details, see our Data Points Documentation.

Data Source

A Data Source is a structured storage unit that holds key-value pairs, enabling dynamic behavior in custom registration workflows. It supports personalized experiences, conditional logic, and data validation — like showing region-specific content or skipping steps for VIP users — ensuring more flexible, secure, and efficient user journeys.

E

Editable Data Field

Some standard profile fields in LoginRadius are editable via API, while others are read-only. For more details, see Editable Fields Documentation.

Endpoint

An Endpoint is a specific URL that acts as the entry point to a LoginRadius API, allowing systems to send requests and retrieve data — like user authentication, profile updates, or session management — enabling seamless interaction between applications and the LoginRadius platform.

K

Key Rotation

A security practice involving the periodic replacement of cryptographic keys, such as API keys and secrets, to minimize exposure risks. LoginRadius allows developers to rotate API secrets for enhanced security.

L

Latency

The time delay between a client's request and the server's corresponding response. LoginRadius ensures optimized API response times for improved performance.

LoginRadius Core API

LoginRadius provides a comprehensive suite of APIs for handling user authentication, profile management, identity verification, and social login.

M

Multipass

Multipass is a method for creating a Single Sign-On (SSO) session, allowing users to authenticate once and access multiple connected services without re-logging in. It securely shares user data between applications to ensure a smooth, consistent experience. For more details, see Multipass Documentation.

N

Nonce

A one-time random value used in authentication processes to prevent replay attacks. LoginRadius utilizes nonces in OAuth and SSO implementations to enhance security.

O

OAuth

An open standard for access delegation is commonly used for API authentication. LoginRadius supports OAuth for secure user authentication and third-party integrations.

OIDC (OpenID Connect)

An identity layer on top of OAuth 2.0 that enables authentication and user identity verification. LoginRadius provides OIDC-based authentication to support modern identity and access management.

One-Way Encryption

Hashing is an irreversible form of encryption that ensures data security for sensitive user information. LoginRadius implements hashing techniques to store passwords securely.

P

Password Token

A one-time, unique token generated during the Forgot Password process, allowing users to reset their password securely.

Phone OTP (One-Time Password)

A temporary, one-time password sent via SMS to verify a user’s phone number or enable secure login.

Progressive Profiling

A method for collecting user data over multiple interactions to enhance user experience. Learn more in our Progressive Profiling Documentation.

S

SAML (Security Assertion Markup Language)

SAML (Security Assertion Markup Language) is an open standard protocol that enables Single Sign-On (SSO) by securely exchanging authentication and authorization data between an identity provider (IdP) and a service provider (SP), allowing users to access multiple applications with one login.

Secondary API Secret

A temporary, revocable API Secret, which is used to enhance security. Manage secrets in the LoginRadius Admin Console under: Tenant Settings→ API Configuration→Additional API Secret(s).

Single Sign-On (SSO)

Single Sign-On (SSO) is an authentication mechanism that lets users log in once and seamlessly access multiple connected applications without re-entering credentials. This improves user convenience while enhancing security through centralized access control. Learn more in our SSO Overview.

Social Login

Social Login is a feature that lets users quickly authenticate using their existing social media accounts — like Google, Facebook, or LinkedIn — reducing friction during sign-up while improving convenience and data accuracy.

Social Sharing

Social Sharing lets users quickly share predefined content — like articles, promotions, or product pages — from a website directly to their social media profiles, boosting engagement and visibility.

T

Twitter Consumer Key & Secret

  • Consumer Key: Public identifier for integrating a Twitter app.
  • Consumer Secret: Private key for authenticating Twitter API requests.

U

UID (Unique Identifier)

Each user in the LoginRadius system is assigned a unique identifier (UID). A single UID may contain multiple associated login methods (e.g., social login, email, etc.).

V

Verification Token (vtoken)

A one-time, unique token sent to a user’s email to verify and activate their account securely. See Tokens Documentation for more details.

Y

Yahoo Consumer ID & Secret

  • Consumer ID: Public identifier for integrating a Yahoo app.
  • Consumer Secret: Private key for authenticating Yahoo API requests.