When building a SaaS platform or multi-tenant application with Post for Me, ensuring that users only access their own social accounts is critical. Since your API Key provides administrative access to your entire project, it must remain secure on your backend and never be exposed to client-side code.
Here is a breakdown of how to safely manage user access using External IDs and handle account connection workflows.
Server-Side Security
Your Post for Me API key is a project-level credential. It grants full control over every connected account and post within your project.
How it works
All API requests should originate from your secure server. Your frontend client should never make calls directly to the Post for Me API.
Requirement: Ensure your API keys are stored in environment variables on your backend service.
Mapping Users with External IDs
To separate user data within a single project, you can use the external_id parameter. This allows you to map a social account in our system directly to a User or Tenant ID in your database.
How it works
When generating an authentication URL via the /v1/social-accounts/auth-url endpoint, you pass your internal user's ID as the external_id.
The Workflow
Connect: Pass external_id: "user_123" when creating the auth URL.
Filter: When fetching accounts for that user, verify ownership by filtering the request: GET /v1/social-accounts?external_id=user_123.
Post: When creating a post, you can verify the user owns the target accounts by checking their associated external_id.
The Account Selection Flow
When a user authenticates with a social platform, Post for Me automatically imports every account that user has access to.
For example: If a user logs into LinkedIn, we will connect their personal profile and every Company Page they manage. All of these accounts will be assigned the external_id you provided during the initial request.
If you would like to let the user choose which of these accounts to connect, you will need to handle that in your app after we connect the accounts and redirect to you, following a workflow similar to the one detailed below:
Selection Workflow
Redirect: After authentication, we redirect the user to your app with the new Account IDs.
Fetch & Display: Use the IDs to fetch account details (names, profile pictures).
Confirm: Present a modal asking the user, "Which accounts do you want to connect?"
Cleanup: Call the /disconnect endpoint to remove any accounts the user did not select.
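The following is an added example, not code from Post for Me, that ties together the server-side key handling, the External ID workflow (connect, filter, post) and the selection-flow cleanup above. It uses only the endpoints named on this page; the base URL, the authorization header scheme, the request and response field names, the per-account /disconnect path and the shape of an account record are assumptions, and requests are built but not sent so the module runs offline.

```python
"""Server-side helpers for a multi-tenant Post for Me integration (added example).

Assumptions (not from the Post for Me docs): BASE_URL, the bearer-style
Authorization header, the JSON field names, and that an account record carries
"id" and "external_id" keys. Only the endpoints named on the page are used.
"""
import os
from urllib.parse import urlencode

BASE_URL = "https://api.postforme.example"  # assumption: placeholder base URL


def api_key() -> str:
    """Read the project-level key from the backend environment; it never reaches the client."""
    key = os.environ.get("POST_FOR_ME_API_KEY")  # assumption: variable name is yours to choose
    if not key:
        raise RuntimeError("POST_FOR_ME_API_KEY is not set on the server")
    return key


def auth_headers() -> dict:
    # Assumption: bearer-style header; confirm the scheme against the API reference.
    return {"Authorization": f"Bearer {api_key()}"}


def build_auth_url_request(user_id: str, platform: str) -> dict:
    """Connect step: create an auth URL tagged with the caller's internal ID as external_id."""
    return {
        "method": "POST",
        "url": f"{BASE_URL}/v1/social-accounts/auth-url",
        "json": {"platform": platform, "external_id": user_id},  # "platform" key is assumed
    }


def build_list_accounts_request(user_id: str) -> dict:
    """Filter step: always scope the lookup by external_id so tenants never see each other's accounts."""
    query = urlencode({"external_id": user_id})
    return {"method": "GET", "url": f"{BASE_URL}/v1/social-accounts?{query}"}


def verify_ownership(accounts: list, user_id: str, target_ids: list) -> list:
    """Post step: return the target account IDs that do NOT belong to user_id.

    An empty list means the post may proceed. `accounts` is the response of the
    external_id-filtered lookup; re-checking external_id on each record guards
    against a client submitting account IDs it was never given.
    """
    owned = {a["id"] for a in accounts if a.get("external_id") == user_id}
    return [t for t in target_ids if t not in owned]


def accounts_to_disconnect(connected_ids: list, selected_ids: list) -> list:
    """Selection-flow cleanup: every ID the redirect returned that the user did not keep."""
    keep = set(selected_ids)
    return [a for a in connected_ids if a not in keep]


def build_disconnect_requests(account_ids: list) -> list:
    # Assumption: /disconnect is called per account with the ID in the path.
    return [
        {"method": "POST", "url": f"{BASE_URL}/v1/social-accounts/{aid}/disconnect"}
        for aid in account_ids
    ]


# Constructed sample: what the external_id-filtered lookup might return for user_123
# (acc_9 is included to show that a foreign account is rejected even if submitted).
SAMPLE_ACCOUNTS = [
    {"id": "acc_1", "platform": "linkedin", "external_id": "user_123"},
    {"id": "acc_2", "platform": "linkedin", "external_id": "user_123"},
    {"id": "acc_9", "platform": "facebook", "external_id": "user_456"},
]

if __name__ == "__main__":
    print(build_list_accounts_request("user_123")["url"])
    print("rejected:", verify_ownership(SAMPLE_ACCOUNTS, "user_123", ["acc_1", "acc_9"]))
    print("cleanup:", accounts_to_disconnect(["acc_1", "acc_2", "acc_3"], ["acc_2"]))
```

The key point is that the ownership decision is made from the external_id on records the server fetched itself, not from anything the browser sends: the client may only name account IDs, and the server checks each one against the filtered list before building the post request.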
Handling Shared Accounts
Post for Me does not allow duplicate accounts within a single project.
How it works:
If "User A" connects a specific Facebook Page, and later "User B" connects that exact same Facebook Page, we will update the existing record rather than creating a new one.
Note: If your application allows multiple users to manage the same social account (e.g., a shared business page used by a marketing team), your application must manage the mapping. You will need to maintain a table in your database linking your internal user_ids to our single social_account_id.
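As an added example (not Post for Me's own code) of the mapping table the note describes, the following keeps an application-side link table between your user_ids and a single social_account_id, checks it before posting, and only reports an account as orphaned once no user is linked to it, which is the point at which calling /disconnect is safe, since Post for Me holds one record per account and disconnecting it would remove it for every linked user. Table and column names are assumptions; sqlite3 in memory is used so it runs offline.

```python
"""Application-side access table for shared social accounts (added example).

Post for Me keeps one record per social account per project, so when User B
connects a page User A already connected, the same social_account_id is
returned. Your own database must record that both users may use it.
Table/column names are assumptions.
"""
import sqlite3

SCHEMA = """
CREATE TABLE account_access (
    user_id           TEXT NOT NULL,
    social_account_id TEXT NOT NULL,
    PRIMARY KEY (user_id, social_account_id)  -- one row per (user, account) pair
);
"""


def open_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def record_connection(conn: sqlite3.Connection, user_id: str, social_account_id: str) -> None:
    """Called after the auth redirect. Idempotent: reconnecting the same page adds no row."""
    conn.execute(
        "INSERT OR IGNORE INTO account_access (user_id, social_account_id) VALUES (?, ?)",
        (user_id, social_account_id),
    )
    conn.commit()


def user_can_post_to(conn: sqlite3.Connection, user_id: str, social_account_id: str) -> bool:
    """Authorization check to run before creating a post on behalf of user_id."""
    row = conn.execute(
        "SELECT 1 FROM account_access WHERE user_id = ? AND social_account_id = ?",
        (user_id, social_account_id),
    ).fetchone()
    return row is not None


def revoke_access(conn: sqlite3.Connection, user_id: str, social_account_id: str) -> bool:
    """Remove one user's access and report whether the account is now orphaned.

    True means no other user is linked, so calling Post for Me's /disconnect is
    safe; False means other users still rely on the single shared record.
    """
    conn.execute(
        "DELETE FROM account_access WHERE user_id = ? AND social_account_id = ?",
        (user_id, social_account_id),
    )
    conn.commit()
    remaining = conn.execute(
        "SELECT COUNT(*) FROM account_access WHERE social_account_id = ?",
        (social_account_id,),
    ).fetchone()[0]
    return remaining == 0


def demo() -> dict:
    """Constructed scenario: User A and User B both connect the same Facebook Page."""
    conn = open_db()
    record_connection(conn, "user_a", "sa_page_42")
    record_connection(conn, "user_b", "sa_page_42")  # same account, second link row
    record_connection(conn, "user_b", "sa_page_42")  # reconnect: ignored by the primary key
    return {
        "a_can_post": user_can_post_to(conn, "user_a", "sa_page_42"),
        "c_can_post": user_can_post_to(conn, "user_c", "sa_page_42"),
        "orphaned_after_a_leaves": revoke_access(conn, "user_a", "sa_page_42"),
        "orphaned_after_b_leaves": revoke_access(conn, "user_b", "sa_page_42"),
    }


if __name__ == "__main__":
    print(demo())
```

With this table in place, the external_id that Post for Me stores on the account reflects whoever connected it last, so authorization for shared accounts should come from your own link table rather than from that single external_id.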