Skip to main content

Social sign-in

Social sign-in allows users to log in to your application using their existing accounts from providers like Google, GitHub, or Microsoft. This guide shows how to enable and configure social sign-in for your Ory project.

Enabling Social Sign-In

To enable social sign-in:

  1. Log in to your Ory Console
  2. Select your workspace and project
  3. Navigate to the Authentication tab
  4. Click on Social Sign-In (OIDC) in the sidebar
  5. Enable the "Enable OpenID Connect" toggle
https://console.ory.sh/projects/<id>/settings

Enable OpenID Connect

Adding a Social Provider

After enabling OpenID Connect, add a provider:

  1. Click the "Add new OpenID Connect provider" button
  2. Select a provider from the list:
https://console.ory.sh/projects/<id>/settings

Provider Selection

Ory offers pre-configured options for popular providers. Check our provider list here.

Configuring Your Provider

For pre-configured providers, you'll typically need to enter:

  • Client ID (obtained from the provider's developer console)
  • Client Secret (obtained from the provider's developer console)

For generic providers, you'll need to fill in more details:

https://console.ory.sh/projects/<id>/settings

Generic Provider Configuration

The configuration includes:

  • Redirect URI (automatically generated by Ory)
  • Label (how the provider will appear to users)
  • Client ID
  • Client Secret
  • Issuer URL
  • Scopes (e.g., openid email profile)
  • Data mapping (optional)

Setting the Base Redirect URI

Configure the Base Redirect URI where users will be redirected after successful authentication:

  1. In the Social Sign-In (OIDC) settings, locate the "Base Redirect URI" field
  2. Enter the URL of your application that should handle post-authentication redirects
  3. This URL will be used for all OIDC providers

What users will see

After configuring social sign-in, your users will experience:

https://console.ory.sh/projects/<id>/settings

Login with Social

  1. A login page that displays buttons for each configured social provider
  2. When they click a provider button, they'll be redirected to that provider's authentication page
  3. After authenticating with the provider, they'll be sent back to your application
  4. If it's their first time using social sign-in, a new account will be created automatically
  5. For returning users, they'll be logged into their existing account

Next steps

After configuring social sign-in:

  1. Manage user sessions for authenticated users
  2. Set up Multi-factor Authentication for additional security
  3. Add logout functionality to your application
Ory Network

The most flexible and scalable way to manage identi­ties, authen­tication, autho­rization and access control.Explore Ory Network

Explore Ory Network