IdP Selection and Social Login
Enable social identity providers and IdP discovery
Supported Providers
Google
OIDC
Microsoft
OIDC
Facebook
OAuth 2.0
GitHub
OAuth 2.0
LinkedIn
OAuth 2.0
Apple
OIDC
IdP Selection Methods
Button-Based Selection
Display identity provider buttons on the login page
Email Domain Discovery
Automatically route users based on their email domain
URL-Based Routing
Direct users to specific IdPs via URL parameters
Configuration Example
Google OAuth Configuration
External Identity Provider:
Name: google
Type: OpenID Connect
Client Configuration:
Client ID: [from Google Cloud Console]
Client Secret: [from Google Cloud Console]
Endpoints:
Authorization: https://accounts.google.com/o/oauth2/v2/auth
Token: https://oauth2.googleapis.com/token
UserInfo: https://openidconnect.googleapis.com/v1/userinfo
Scopes:
- openid
- email
- profile
Attribute Mapping:
email → email
name → displayName
sub → externalId