title: [Learning Notes] LINE Bot Developer Guide Explained - 4. LINE Login
published: false
date: 2021-06-29 00:00:00 UTC
tags:
canonical_url: http://www.evanlin.com/line-bot-guide-4/
---
## Preface:
Hello everyone, I am Evan Lin, a Senior Development Technology Promotion Engineer at LINE Taiwan. Today's article will explain in detail the "LINE Bot Developer Guide" presentation document. This document is from the [Development guidelines](https://developers.line.biz/en/docs/partner-docs/development-guidelines/) presentation, considering that it has not been officially announced and localized in Chinese in Taiwan. This time, we are collaborating with the headquarters to prepare a Chinese version, and we are also using this series of articles to explain it, hoping to provide more developers with more understanding. The [Development guidelines](https://developers.line.biz/en/docs/partner-docs/development-guidelines/) document has a lot of content, and this presentation will also be explained in five articles. This article is the fourth article, mainly explaining LINE Login and the things to pay attention to during development.
## Article Index:
#### Full Presentation Link: [https://speakerdeck.com/line\_developers\_tw2/line-bot-developer-guideline-chinese](https://speakerdeck.com/line_developers_tw2/line-bot-developer-guideline-chinese)
I hope you can continue to pay attention:
1. [About LINE Bot](https://www.evanlin.com/2021-05-25-line-bot-guide-1/)
2. [Notes on Receiving Requests Using Webhook URL](https://www.evanlin.com/line-bot-guide-2/)
3. [Notes on Sending API Requests](https://dev.to/evanlin/line-bot-3-api-1jhn-temp-slug-126169)
4. [LINE Login (This Article)](http://www.evanlin.com/line-bot-guide-4/)
5. LINE Login (Supplement)
6. Other Related Functions
This article will focus on the first section, which is pages 30 to 46.
## LINE Login
<script async="" data-slide="30" data-id="0e9f6182ae864568a5940cbad5ef4bec" data-ratio="1.77777777777778" src="//speakerdeck.com/assets/embed.js"></script>
This section will introduce the following related items.
- Introduction to LINE Login
- LINE Login authentication
- (1) Callback URL settings
- (2) Authentication and Authorization
- (3) Redirection
- (4) Obtaining access token API
- (5) Obtaining ID Token
- (6) Obtaining user data
- LINE Login processing flow
- Mechanism for establishing account association through LINE Login
- Automatic friend addition function (1)
- Automatic friend addition function (2)
- Automatic friend addition function (3)
- Automatic friend addition function (4)
- Friend status check API
The following will begin to explain each page in detail:
## Introduction to LINE Login
<script async="" data-slide="31" data-id="0e9f6182ae864568a5940cbad5ef4bec" data-ratio="1.77777777777778" src="//speakerdeck.com/assets/embed.js"></script>
This page mainly introduces LINE Login. For more detailed information about LINE Login, you can learn more through the following articles:
Many commercial services provide exclusive offers or reward activities through membership mechanisms, but the registration and login process of members often makes many users feel difficult. In addition to filling in a lot of information, users also need to remember another set of account passwords. LINE has a very high market share in Taiwan, and almost every user has a LINE account. In this case, wouldn't it be very convenient if you could directly use your LINE account to register and log in to website services?
In addition to providing a way to log in, LINE Login can also provide user names and profile pictures. And through LINE Login, users can also join the commercial service's LINE official account at the same time, so that users can use the relevant services anytime and anywhere.
#### Related Articles
-[How to Develop OAuth2 PKCE through Golang – Taking LINE Login as an Example](https://engineering.linecorp.com/zh-hant/blog/pkce-line-login/)
## LINE Login authentication
<script async="" data-slide="32" data-id="0e9f6182ae864568a5940cbad5ef4bec" data-ratio="1.77777777777778" src="//speakerdeck.com/assets/embed.js"></script>
When it comes to the detailed explanation of the LINE Login authentication process, based on the OAuth2 and OpenID protocols, LINE Login can not only create a secure and worry-free login service, but also help website developers quickly create related services.
#### Related Articles
- [How to Develop OAuth2 PKCE through Golang – Taking LINE Login as an Example](https://engineering.linecorp.com/zh-hant/blog/pkce-line-login/)
## (1) Callback URL settings
<script async="" data-slide="33" data-id="0e9f6182ae864568a5940cbad5ef4bec" data-ratio="1.77777777777778" src="//speakerdeck.com/assets/embed.js"></script>
There is some relevant information about the Callback URL settings.
- The Callback URL must comply with HTTPS.
- The server itself must comply with TLS 1.2 and 1.3.
- If you need to support more than one Callback URL, please remember to use a line break to separate them.
#### Related Articles
- [LINE’s APIs now support TLS 1.3](https://developers.line.biz/en/news/2020/07/01/enabled-tls1.3/)
- [Updated: TLS 1.0 and TLS 1.1 support by the webhook notification source will be discontinued at the end of January 2021](https://developers.line.biz/en/news/2020/10/06/update-webhook-client-and-root-certificate/)
- [Ten Things You Must Know When Developing LINE Chatbots](https://engineering.linecorp.com/zh-hant/blog/line-device-10/)
## (2) Authentication and Authorization
<script async="" data-slide="34" data-id="0e9f6182ae864568a5940cbad5ef4bec" data-ratio="1.77777777777778" src="//speakerdeck.com/assets/embed.js"></script>
Regarding the LINE Login authentication URL, there are many related parameters that can be used. Let's talk about a few parameters that are easier for developers to use.
- `prompt`: Through this parameter, you can force a pop-up page for the user to agree. You can understand what permissions the App currently needs.
- `bot_prompt`: You can bind your LINE Login App with the LINE official account. That is, after the user logs in, they can directly add the official account as a friend.
For more related usage methods and examples, please refer to: [Add a LINE Official Account as a friend when logged in (bot link)](https://developers.line.biz/en/docs/line-login/link-a-bot/).
#### Related Articles
- [Dev Doc: LINE Login: User authentication](https://developers.line.biz/en/docs/line-login/integrate-line-login/#making-an-authorization-request)
- [How to Develop OAuth2 PKCE through Golang – Taking LINE Login as an Example](https://engineering.linecorp.com/zh-hant/blog/pkce-line-login/)
- [Add a LINE Official Account as a friend when logged in (bot link)](https://developers.line.biz/en/docs/line-login/link-a-bot/).
## (3) Data processing after redirection:
<script async="" data-slide="35" data-id="0e9f6182ae864568a5940cbad5ef4bec" data-ratio="1.77777777777778" src="//speakerdeck.com/assets/embed.js"></script>
This presentation mentions that after the user enters their account and password to complete LINE Login registration. The LINE platform will send the results to the server registered by the Callback URL. At this time, you will receive related information that needs to be processed later.
 At this time, there are two ways to obtain it, which are the methods of the next two presentation slides:
- Get Access Token API
- Get ID Token
In addition, if you are developing LINE Login on the mobile terminal, please remember to use the PKCE call authentication method. Make your security more comprehensive. For details, please refer to [How to Develop OAuth2 PKCE through Golang – Taking LINE Login as an Example](https://engineering.linecorp.com/zh-hant/blog/pkce-line-login/) or the technical document [PKCE support for LINE Login](https://developers.line.biz/en/docs/line-login/integrate-pkce/)
#### Related Articles
- [Dev Doc: LINE Login: Receiving the authorization code](https://developers.line.biz/en/docs/line-login/integrate-line-login/#receiving-the-authorization-code)
- [How to Develop OAuth2 PKCE through Golang – Taking LINE Login as an Example](https://engineering.linecorp.com/zh-hant/blog/pkce-line-login/)
- [PKCE support for LINE Login](https://developers.line.biz/en/docs/line-login/integrate-pkce/)
## (4) Obtaining access token API
<script async="" data-slide="36" data-id="0e9f6182ae864568a5940cbad5ef4bec" data-ratio="1.77777777777778" src="//speakerdeck.com/assets/embed.js"></script>
Here, we discuss the parameters that need attention when calling the Get Access Token API. Related articles can also refer to [How to Develop OAuth2 PKCE through Golang – Taking LINE Login as an Example](https://engineering.linecorp.com/zh-hant/blog/pkce-line-login/), or you can view the technical document [Getting an access token with a web app](https://developers.line.biz/en/docs/line-login/integrate-line-login/#get-access-token).
#### Related Articles
- [Dev Doc: LINE Login : Get Access Token](https://developers.line.biz/en/docs/line-login/integrate-line-login/#get-access-token)
- [How to Develop OAuth2 PKCE through Golang – Taking LINE Login as an Example](https://engineering.linecorp.com/zh-hant/blog/pkce-line-login/)
- [Getting an access token with a web app](https://developers.line.biz/en/docs/line-login/integrate-line-login/#get-access-token)
## (5) Obtaining ID Token
<script async="" data-slide="37" data-id="0e9f6182ae864568a5940cbad5ef4bec" data-ratio="1.77777777777778" src="//speakerdeck.com/assets/embed.js"></script>
The premise of obtaining the ID Token is that you must use `scope` as `openid` to receive it when you receive the response. After receiving `id_token`, there are two ways to obtain user information:
- **Use the ID Token Verify API**: Refer to [Use a LINE Login API endpoint](https://developers.line.biz/en/docs/line-login/verify-id-token/).
- **Parse directly through the code** `id_token`: Refer to [Write code to validate ID tokens](https://developers.line.biz/en/docs/line-login/verify-id-token/#write-original-code).
#### Related Articles
- [Dev Doc: LINE Login : Get Access Token](https://developers.line.biz/en/docs/line-login/integrate-line-login/#get-access-token)
- [How to Develop OAuth2 PKCE through Golang – Taking LINE Login as an Example](https://engineering.linecorp.com/zh-hant/blog/pkce-line-login/)
- [Write code to validate ID tokens](https://developers.line.biz/en/docs/line-login/verify-id-token/#write-original-code)
- [Use a LINE Login API endpoint](https://developers.line.biz/en/docs/line-login/verify-id-token/)
## (6) Obtaining user data
<script async="" data-slide="38" data-id="0e9f6182ae864568a5940cbad5ef4bec" data-ratio="1.77777777777778" src="//speakerdeck.com/assets/embed.js"></script>
This refers to obtaining the user's data through [Get User Profile](https://developers.line.biz/en/docs/line-login/managing-users/#get-profile), but you need to obtain the Access Token in advance, which is the information after Request Access Token is completed.
#### Related Articles
- [Dev Doc: LINE Login : Get Access Token](https://developers.line.biz/en/docs/line-login/integrate-line-login/#get-access-token)
- [How to Develop OAuth2 PKCE through Golang – Taking LINE Login as an Example](https://engineering.linecorp.com/zh-hant/blog/pkce-line-login/)
- [Write code to validate ID tokens](https://developers.line.biz/en/docs/line-login/verify-id-token/#write-original-code)
## LINE Login processing flow
<script async="" data-slide="39" data-id="0e9f6182ae864568a5940cbad5ef4bec" data-ratio="1.77777777777778" src="//speakerdeck.com/assets/embed.js"></script>
Here is another diagram showing the same thing, mainly "Request Access Token", and then there are two situations:
- Use `scope` as `openid` to receive it when you receive the response, and receive `id_token`, you can directly obtain user information.
- If there is no `id_token`, you can obtain Get User Profile through the access token to obtain related information.
#### Related Articles
- [Dev Doc: LINE Login : Get Access Token](https://developers.line.biz/en/docs/line-login/integrate-line-login/#get-access-token)
- [How to Develop OAuth2 PKCE through Golang – Taking LINE Login as an Example](https://engineering.linecorp.com/zh-hant/blog/pkce-line-login/)
- [Write code to validate ID tokens](https://developers.line.biz/en/docs/line-login/verify-id-token/#write-original-code)
## Automatic friend addition function (1)
<script async="" data-slide="42" data-id="0e9f6182ae864568a5940cbad5ef4bec" data-ratio="1.77777777777778" src="//speakerdeck.com/assets/embed.js"></script>
When creating a LINE Login Channel, if the setting "Add Bot as a friend option" was enabled, the official account can be added as a friend. This presentation provides more related reference materials:
#### 【Necessary Settings】
• To enable the option to add the Bot as a friend, you must perform the operation of "Linking the Bot to the LINE Login channel".
#### 【Requirements for enabling the option】
- A channel that has been granted LINE Login usage rights ("WEB" or "NATIVE\_APP").
- At least one Bot exists, and the Bot's Messaging API channel and LINE Login channel belong to the same Provider.
- The user who is setting up has Admin rights for the official account associated with the **LINE Official Account Manager**. \*\*
- The user who is setting up has **Login** **channel Admin rights** in **LINE Developers**.
#### 【Notes】
- When logging in, selecting to add as a friend will update the relationship with the official account.
- In principle, when selecting an official account, it is forbidden to establish a relationship with other official accounts except for the official official account of that channel.
- Since the update will be reflected immediately, please be especially careful during operation to avoid accidentally setting it to other accounts (test accounts, etc.).
- If the LINE Login channel is created under a Certified Provider, the default value will be the state of having checked to add as a friend (unblocked).
#### 【About the introduction of the bot\_prompt parameter】
- `normal`: Through the setting method, provide users with the option to choose whether to add the official account as a friend.
- `aggresive`: A more aggressive method, by popping up another window, allows users to add friends. (If the previous page did not add).
## Friend status check API
<script async="" data-slide="46" data-id="0e9f6182ae864568a5940cbad5ef4bec" data-ratio="1.77777777777778" src="//speakerdeck.com/assets/embed.js"></script>
If you have completed LINE Login, is there another way to know whether the user has added the official account as a friend? You can use the `friendship_status_changed` parameter to understand.
### Reference materials:
- [Use the `friendship_status_changed` query parameter](https://developers.line.biz/en/docs/line-login/link-a-bot/#use-friendship_status_changed)
## Conclusion:
The above is the supplement and sharing of the fourth part of the "LINE Bot Developer Guide". If you want to know more, you can check the full presentation or find other articles to understand.
Want to know more about developer activities? Join the "LINE Developer Official Community" official account immediately, and you can receive the first-hand Meetup activities, or push notifications of the latest news related to the developer program. ▼
"LINE Developer Official Community" Official Account ID: @line\_tw\_dev 
Evan Lin
Posted on • Originally published at evanlin.com on
[Learning Notes] LINE Bot Developer Guide Explained - 4. LINE Login
For further actions, you may consider blocking this person and/or reporting abuse
Top comments (0)