EveryoneSocial uses OAuth for authorization to share to social networks–such as LinkedIn, X, Weibo, and more. The purposes of this article are to outline what OAuth is and how it connects your accounts to EveryoneSocial. We also want to address concerns associated with authenticating your networks with EveryoneSocial.
🔷 Note: This article does not supersede or replace our terms and policies.
What is OAuth
OAuth is an authorization method allowing two unrelated websites or services to share assets. It connects EveryoneSocial with social networks. Passwords are not stored using OAuth. Only actions and permissions are authorized on your behalf.
Once network authorization is given, EveryoneSocial receives a temporary access token to start sharing assets. The expiration of the token varies for each social network; upon expiration, authorization is canceled and must again be granted.
Authorized permissions and actions
EveryoneSocial operates as a vendor with other networks and each network has its own set of authorized permissions for vendors using OAuth. When connecting the account, EveryoneSocial is authorized to connect and access information in accordance with our agreement with the network.
If you’d like to review permissions regarding authorized permissions and actions, social networks will typically have an article about how permissions are used and granted, how to review apps you have authorized, and steps to take to revoke access.
General permissions granted to EveryoneSocial
- Create posts on behalf of authorized accounts.
- Retrieve engagement statistics for posts shared through EveryoneSocial.
- Retrieve the total number of 1st-degree connections for LinkedIn and X.
EveryoneSocial does not use network permissions to
- View or engage with other networks' private channels or content.
- Impersonate you.
- Access private conversations or direct messages.
Where authorization persists
Authorized accounts are based upon a user’s profile and not an individual Workspace. Most people using EveryoneSocial have access to a single Workspace but, for those that are a part of multiple Workspaces, your social accounts and authorization persist across all Workspaces you joined.
Why social networks disconnect
There are always stipulations and regulations for each network that may cause a social network to disconnect from EveryoneSocial, even it it was authorized for connection.
Here are the main reasons why social networks disconnect accounts.
Social networks authenticate vendors based off credentials for accounts at the time they are authorized. If those credentials change, then EveryoneSocial is no longer authorized to connect until the user reauthenticates the account.
OAuth has a specific timeframe for each social network to keep an account connected based on the agreement between EveryoneSocial and the network. Once the authentication period expires, the token is revoked, and the account must be re-authenticated with the network. Here are the default periods for authentication.
- LinkedIn: Tokens have a 365 day lifespan.
- X (formerly Twitter): Tokens are not issued an expiration date and shouldn’t require re-authentication.
Accounts may have access to business accounts or profiles, and these can be disconnected if permissions change to one that doesn’t support third-party app posting. It's also possible that the page settings have restrictions applied, such as age and location-based, and this would result in applications being unable to send content to post to it. Be sure to check settings and work with the page administrator if you are connected to the account and the network, but you can not post content.
Authorization is not permanent. Social networks have security methods in place that will authorize accounts for active time periods using the same browser or until passwords change. Once social networks cancel the authorization, you’ll need to log in to confirm authorization before sharing content from EveryoneSocial.
You’ll see an alert in EveryoneSocial advising you to reconnect accounts once this happens. This article will walk you through how to reauthorize the connection.
Questions or concerns
EveryoneSocial takes security serious. We are GDPR compliant, SOC 2 certified, and CSA Star certified. Learn more at Trust.EveryoneSocial.com.
We understand if you have questions or concerns about using OAuth for EveryoneSocial to share assets with your networks.
We’d love to talk to you and discuss those at any time. Please contact Support, and we’d be happy to join you in a conversation.