AuthRocket supports a number of social authentication providers. We’ve done all the hard work of integration and simplified everything into a single, unified API.
In fact, social auth requires no extra code beyond the small bit required to handle any kind of login. If you already have traditional, password-based logins working with AuthRocket, no additional code is required at all.
If you don’t have logins integrated with your app yet, don’t worry. It’s simple, and you’ll instantly have a variety of login and authentication methods available to you with a few clicks of your mouse (or trackpad).
AuthRocket has pre-configured integrations with these providers:
Additionally, select plans also support Custom OAuth2 providers, enabling you to connect to any compatible OAuth2 provider.
The profile data available from each social provider varies. The only required field is the user’s email.
If you’ve configured other required fields as part of your LoginRocket configuration, LoginRocket will first look in the social profile for those fields, such as first and last name. If they’re not present, the user will prompted for the data the first time they login.
One of the challenges of using social auth is its potential to create confusion when users login. For this reason, we recommend enabling only one social provider, or two at most.
Even then, a user might not remember which provider they used, or if they used a password instead. It’d be easy for a user to end up with multiple accounts in your app, which is almost certainly not the intended outcome.
To avoid this problem, AuthRocket automatically merges profiles when appropriate. If a user logs in using Google one time and Facebook the next, as long as they used the same email with both of those services (which is quite likely), AuthRocket will recognize them as one user and link everything together.
If you also allow password logins, any user who previously used social auth may also set a password using the reset password system. This ensures users can login if they forget they used a social provider previously, or even if they delete that profile.
Once a social provider is linked to their AuthRocket login, the user can change their email either at the social provider or inside AuthRocket and everything will continue to work. Emails are only used to make the initial link.