Skip to main content

Social sign-in

Social sign-in allows users to log in to your application using their existing accounts from providers like Google, GitHub, or Microsoft. This guide shows how to enable and configure social sign-in for your Ory project.

Set the base redirect URI

  1. Log in to your Ory Console
  2. Select your workspace and project
  3. Navigate to the Authentication tab
  4. Click on Social Sign-In (OIDC) in the sidebar
  5. Enable the Enable OpenID Connect toggle
  6. Enter the URL of your application that should handle post-authentication redirects
https://console.ory.sh/projects/<id>

Enable OpenID Connect

Add a social provider

After enabling OpenID Connect, add a provider:

  1. Click the "Add new OpenID Connect provider" button
  2. Select a provider from the list:
https://console.ory.sh/projects/<id>/social-signin

Provider Selection

Ory offers pre-configured options for popular providers. Check our provider list here.

Configure your provider

For pre-configured providers, you'll typically need to enter:

  • Client ID (obtained from the provider's developer console)
  • Client Secret (obtained from the provider's developer console)
https://console.ory.sh/projects/<id>/social-signin

Generic Provider Configuration

The configuration includes:

  • Client ID
  • Client Secret

What users will see

After configuring social sign-in, your users will experience:

https://<base-url>/ui/login?flow=

Login with Social

User flow

  1. A login page that displays buttons for each configured social provider
  2. When they click a provider button, they'll be redirected to that provider's authentication page
  3. After authenticating with the provider, they'll be sent back to your application
  4. If it's their first time using social sign-in, a new account will be created automatically
  5. For returning users, they'll be logged into their existing account