# Complete login with Tiktok Completes the Tiktok social login flow and authenticates the user in Mosaic. Endpoint: POST /v1/auth/social/tiktok/authenticate Security: ClientAccessToken ## Request fields (application/json): - `resource` (string) Resource URI the authentication request is attempting to access, which is reflected in the audience (aud claim) of the access token. This must be configured as resource for the application. - `claims` (object) Used to request additional claims in the ID token, such as roles, permissions, and other user profile data. The structure is per the [OIDC Standard](https://openid.net/specs/openid-connect-core-1_0-final.html#ClaimsParameter). For supported claims and how to request custom claims, see the [ID Token Reference](https://developer.transmitsecurity.com/openapi/id_token_reference/). Example: {"id_token":{"roles":null}} - `claims.id_token` (object) Example: {"roles":null} - `claims.access_token` (object) - `org_id` (string) Organization ID, used for member login in B2B scenarios - `client_attributes` (object) Client attributes - `client_attributes.user_agent` (string) - `client_attributes.ip_address` (string) - `session_id` (string) Used to associate the authentication with an existing session (such as for MFA). If unspecified, a new session is created and the session ID is returned. - `transaction_id` (string, required) The transaction identifier that was previously returned by the verification endpoint. This ID is required to associate this authentication request with the verified token information stored during the verification step. - `user_id` (string, required) An identifier of the user for whom the token is being requested ## Response 200 fields (application/json): - `access_token` (string, required) User access token for accessing endpoints on behalf of the authenticated user. - `id_token` (string) ID token that identifies the user. - `refresh_token` (string) Refresh token used to refresh an expired access token. - `token_type` (string, required) Bearer. - `expires_in` (number, required) Expiration time of the access token in seconds. - `session_id` (string, required) ID of the session in which the authentication occurs.