logo logo
7.3.0
  • 7.3.0
  • 7.2.0
  • 7.1.0
  • 7.0.0
  • 6.1.0
  • 6.0.0
  • Show all
Initializing search
    • Home
      • Introduction
      • Quick Setup
          • Quickstart
          • Complete Guide
          • Quickstart
          • Quickstart
          • Quickstart
          • Complete Guide
          • Quickstart
          • Complete Guide
          • Quickstart
          • Complete Guide (Redirect)
          • Complete Guide (App-Native)
          • Quickstart
          • Complete Guide
        • .NET Guide
        • Spring Boot Quickstart
      • Try for a sample app
          • React
          • JavaScript
          • OIDC Java EE
          • SAML Java EE
          • WS-Federation
        • TypeScript
        • Python
        • Python
        • TypeScript
      • Subscribe to AI features
      • About this release
    • Guides
      • Applications
        • Register an SPA
        • Register web app with OIDC
        • Register web app with SAML
        • Register a standard-based app
        • Register a mobile app
        • Register a machine-to-machine (M2M) app
        • Register a FAPI-compliant app
        • Register an MCP client app
        • Register a React app
        • Register a Next.js app
      • Authentication
          • Add login to apps
          • Add login to an SPA
          • Add login to a web app
          • Add login to a mobile app
        • Add login to SaaS apps
          • Google Workspace
          • Salesforce
          • Microsoft 365
          • Zoom
          • Slack
        • Add passwordless login
          • Add login with Magic link
            • Add login with Passkey
            • Validate FIDO attestations
          • Add login with Email OTP
          • Add login with SMS OTP
          • Add login with Push Notification
        • Add multi-factor authentication
          • Add TOTP
          • Add Email OTP
          • Add Passkey
          • Add SMS OTP
          • Add Push Notification
          • Add user-preferred MFA
          • Add x509 login
        • Add federated login
          • Add social login
            • Add Facebook login
            • Add Google login
            • Add GitHub login
            • Add Microsoft login
            • Add Apple login
            • Add X login
          • Add standard-based login
            • Add login with OIDC IdP
            • Add login with SAML IdP
            • Add login with WS-Federation
            • Add IWA login
            • Add Microsoft 365 login
            • Add AD FS login
            • Add Signicat login
            • Add FranceConnect login
            • Add SwissID login
          • Configure a custom connector
        • Enable user attributes
          • Enable attributes for OIDC apps
          • Enable attributes for SAML apps
        • Manage consent for user attributes
        • Configure Just-in-Time user provisioning
        • Add conditional authentication
          • Set up conditional authentication
            • Add access control
            • Age-based access
            • Concurrent session-based access
            • Add adaptive MFA
            • MFA based on user role
              • Overview
              • Configure ACR-based adaptive authentication
            • MFA based on user store
            • MFA based on login-attempts
            • MFA based on user group
            • MFA based on user device
            • MFA based on IP address
            • MFA based on ELK-risk
            • MFA based on TypingDNA
            • Add passkey progressive enrollment
            • Add push notification device progressive enrollment
            • Add on-demand silent password migration
            • OTP Retry and Resend Limits
          • Write a custom authentication script
        • Configure multi-attribute login
        • App-native authentication
          • Add app-native authentication
          • Secure app-native authentication flows
          • Handle advanced login scenarios
        • Login Flow AI
        • Configure OIDC flows
          • Discover OIDC endpoints
          • Dynamic Client Registration (DCR)
            • Authorization code flow
            • Authorization code flow and PKCE
            • Hybrid flow
            • Device authorization flow
            • Pushed Authorization Requests (PAR)
            • JWT Secured Authorization Response Mode (JARM) for OAuth 2.0
            • JWT Bearer Grant
            • CIBA Grant
            • Private key JWT
            • Validate tokens at a resource server
            • Validate JWT with JWKS
            • Validate ID tokens
              • Encrypt and decrypt ID tokens
              • ID token encryption reference
            • Request user information
            • Revoke tokens
            • Configure token exchange
            • RP-initiated logout
            • Back-channel logout
            • Front-channel logout
            • Federated IdP-initiated logout
        • Configure SAML flows
          • Discover SAML endpoints and settings
          • SAML artifact binding
          • Implement SAML federated IdP-initiated SSO
          • SAML back-channel logout
      • Authorization
          • Role-based access control
        • MCP server authorization
        • User impersonation
          • via Console
          • via business application (advanced)
        • Rich Authorization Requests
      • Identity Verification
        • Configure an Identity Verification Provider
      • User management
        • Manage administrators
          • Onboard users
          • Manage users
        • Manage groups
        • Manage roles
        • Manage active sessions
          • Inbound provisioning
            • Overview
            • Set up outbound provisioning
            • Group-based provisioning
              • Google
              • Salesforce
              • SCIM2
              • Custom Outbound Connector
            • Provisioning patterns
          • Overview
          • Hubspot
          • Salesforce
          • Pipedrive CRM
          • Sendgrid
          • Zoho CRM
        • Manage attributes and mappings
            • Manage attributes
            • Configure attributes
            • Configurations reference
          • OIDC attribute mappings
          • OIDC scopes
          • SCIM2 attribute mappings
          • Configure email address as the username
          • Configure unique attributes
          • Configure multi-valued contact attributes
            • Configure settings
              • Email address update verification
              • Mobile number update verification
        • Manage user stores
          • Configure the primary user store
            • Configure a JDBC user store
            • Configure a read-only LDAP user store
            • Configure a read-write Active Directory user store
            • Configure a read-write LDAP user store
          • Configure secondary user stores
          • User store properties
            • Properties used in JDBC user store manager
            • Properties used in read-only LDAP user store manager
            • Properties used in read-Write Active Directory user store manager
            • Properties used in read-write LDAP user store manager
          • Configure user stores for SCIM 2.0
          • Configure Active Directory user stores for SCIM 2.0
        • Migrate users to WSO2 Identity Server
          • Migrate user accounts
          • Migrate user passwords
      • Workflows
        • Approval workflows
        • Approval workflow rules
        • Workflow requests
      • Account configurations
          • Password validation
          • Login attempts
          • Bot detection
          • Session management
          • Username recovery
          • Admin Initiated Password Reset
        • Notification settings
        • Account disabling
      • Flows
        • Get Started
        • Self Registration
        • Password Recovery
        • Invited User Registration
        • Flow AI
        • Use the Flow Execution API
        • Understand Flow Execution Components
        • Troubleshooting
      • User self-service
          • Access the My Account portal
          • Configure the My Account portal
            • Update profile information
            • Change password
            • Manage linked social accounts
            • Export profile information
            • Manage consents
            • Manage login sessions
            • Register passkeys
            • Register Push Notification Device
            • Username recovery
            • Enroll TOTP
            • Manage backup codes
            • Discover applications
            • Manage approvals
        • Build your own self-service capabilities
      • Organizations
          • Overview
        • Set up organizations
          • Set up administration portal
          • Onboard administrators
            • Sales-led approach
            • Self-service approach
          • Share applications
            • Create application
            • Select token issuer
          • Manage conflicts in organizations
          • Overview
          • Authorize applications to API resources
          • Configure roles to consume authorized APIs
          • Generate tokens for organization applications
          • Onboard users
          • Share users
          • Organization settings
            • Login and registration settings
            • UI branding
            • Email and SMS templates
            • User attributes
            • OIDC scopes
            • Flows
          • Extend with service extensions
          • Overview
            • Discover organizations during login
            • Email domain-based organization discovery
          • Organization login with app-native authentication
            • Overview
            • Migrate applications to enhanced approach
          • Disable or delete an organization
          • Clean up deleted organization resources
        • Try a B2B use case
        • Configure Email Provider
        • Configure SMS Provider
        • Configure Push Provider
        • Customize branding
          • Configure UI branding
          • Branding AI
            • Using the Console
            • By updating server files
          • Customize email templates
          • Customize SMS templates
          • Localization support
          • Understanding service extensions
            • Custom authentication
            • Setting up an action
            • Pre issue access token action
            • Pre issue ID token action
            • Pre update password action
            • Pre update profile action
          • Understanding webhooks
          • Setup webhooks
          • Webhook events and payloads
        • ELK Analytics
          • Access analytics
          • Analyze login attempts
          • Analyze active sessions
          • ELK Alerts
        • Web analytic solutions
        • A/B Testing
      • Multitenancy
        • Manage Root Organizations (Tenants)
        • Tenant loading policy
        • MCP Authorization
          • Securing MCP Servers
          • Setting up MCP Clients
        • Identity for AI Agents
          • Register and manage agents
          • Agent credentials
          • Access control for agents
          • Agent authentication
      • Verifiable Credentials
        • Issue verifiable credentials to a digital wallet
      • Your WSO2 Identity Server
        • Manage Console access
        • Self-service
        • Recover your username
        • Recover super admin account
    • Tutorials
      • Verifiable credentials with Microsoft Entra Verified ID
      • Verifiable credentials with MATTR
      • Send notifications through an external scheduled task
      • Configure Choreo for silent password migration
      • Build your own push authenticator app
      • Secure Agentic AI Systems with WSO2 Identity Server
      • Access Control for Ambient Agents
        • Install
        • Run
        • Get WSO2 updates
        • User Stores
          • Add high availability for LDAP
          • Secure a JDBC user store with hashing
          • Configure the Authorization Manager
          • Configure the System Administrator
        • Databases
          • Change the Carbon Database
            • Change to IBM DB2
            • Change to MariaDB
            • Change to MSSQL
            • Change to MySQL
            • Change to Oracle
            • Change to Oracle RAC
            • Change to PostgreSQL
            • Change to remote H2
            • Change the Default Datasource for Consent Management
            • Change the Default Datasource for Session Data
            • Change the Default Datasources for the Registry Data
            • Change the Default Datasource for Agent Identities
            • Registry Related Tables
            • User Management Related Tables
            • Identity Related Tables
            • Service Provider Related Tables
            • Identity Provider Related Tables
          • Data Purging
          • Remove References to Deleted User Identities
        • Session persistence
        • Cross-Origin Resource Sharing (CORS)
        • Custom Header Filter
        • Clock tolerance
        • Cookie consent banner
        • Mitigate attacks
          • Cross Site Request Forgery attacks
          • Authorization Code Interception attacks
          • Brute Force attacks
          • Replay attacks
          • SameSite attribute support
          • Prevent browser caching
          • Add logs for tokens
          • Token persistence
          • Remove unused tokens from the database
          • Enable assertions in access tokens
          • Generate JWT tokens without revoking existing tokens
        • Enable hostname verification
          • Configure TLS
          • Configure TLS termination
          • Configure post-quantum TLS
        • Maintain logins and passwords
        • Configure Admin Advisory Banner
          • Encrypt passwords with Cipher Tool
          • Resolve encrypted passwords
          • Customize secure vault
          • Set passwords using environment variables/system properties
        • Enable HTTP Strict Transport Security (HSTS) headers
        • Enable Java Security Manager
        • Enable Mutual SSL
        • Enable FIPS 140-2-compliant mode
        • Security guidelines
          • Product-level
          • OS-level
          • Network-level
          • Symmetric encryption
          • Asymmetric encryption
          • Keystores
            • Create new keystores
            • Manage keystores
            • Manage CA-Signed certificates in a keystore
            • Configure custom keystores for authentication protocols
        • Clean up flow context
          • Deployment Patterns
          • Deployment Checklist
          • Product Compatibility
          • Change the Hostname
          • Restrict public access to management operations
          • Promote Configurations Across Environments
          • WSO2 Clusters with Nginx
          • Databases for Clustering
          • Configure Hazelcast
          • Kubernetes
          • OpenShift
          • Performance Tuning Recommendations
          • Configure Cache Layers
          • Understanding Disaster Recovery
          • Deployment Patterns
          • Additional Reading
          • Backup and Recovery Recommendations
          • Troubleshoot in Production Environments
      • Compliance
        • GDPR
        • CCPA
        • FIPS
        • FAPI
        • Accessibility compliance
        • Configure ELK analytics
        • Configure SSO with ELK analytics
        • Configure ELK alerts
        • Configure ELK analytics for adaptive authentication
      • Monitor
          • Overview
          • HTTP access logs
          • OAuth transaction logs
          • Remote log publishing
            • Overview
            • Log masking with Filebeat
            • Log masking with Log4j
          • Log claims in audit logs
        • Monitor server health
        • JMX-Based Monitoring
        • Work with product observability
      • Upgrade WSO2 Identity Server
    • SDKs
        • Overview
            • <AsgardeoProvider />
              • <SignInButton />
              • <SignOutButton />
              • <SignUpButton />
              • <SignedIn />
              • <SignedOut />
              • <Loading />
              • <UserDropdown />
              • <UserProfile />
              • <User />
              • <CreateOrganization />
              • <OrganizationProfile />
              • <OrganizationSwitcher />
              • <OrganizationList />
              • <Organization />
              • <OrganizationContext />
            • useAsgardeo()
          • Accessing Protected APIs
          • Protecting Routes
        • Overview
            • <AsgardeoProvider />
            • asgardeoMiddleware()
              • <SignInButton />
              • <SignOutButton />
              • <SignUpButton />
              • <SignedIn />
              • <SignedOut />
              • <Loading />
              • <SignIn />
              • <SignUp />
              • <UserDropdown />
              • <UserProfile />
              • <User />
              • <CreateOrganization />
              • <OrganizationProfile />
              • <OrganizationSwitcher />
              • <OrganizationList />
              • <Organization />
            • useAsgardeo()
          • Accessing Protected APIs
          • Protecting Routes
    • Connectors
        • Overview
        • Set up
        • Usage
        • Reference
        • Overview
        • Set up
        • Usage
        • Reference
        • Try it
        • Overview
        • Set up
        • Usage
        • Reference
    • APIs
        • Admin advisory management API
        • Tenant management API
        • Action Management API
        • Agent Management API
        • API resource management
          • Application management API
            • Authorized apps API V1
            • Authorized apps API V2
          • OAuth 2.0 scope management API
          • OpenID Connect scope management API
          • OIDC Dynamic Client Registration API
          • Script Library management API
        • App-native authentication API
        • Authentication Data API
        • Authenticators API
        • Certificate Validation Management API
        • Branding Preferences API
        • Claim management API
          • Email templates v1 API
          • Email templates v2 API
        • Extension management API
        • Identity provider API
        • Identity verification provider API
        • Idle accounts identification API
        • IdP session extension API
          • Notification sender configurations
            • Notification sender v1 API (deprecated)
            • Notification sender v2 API
        • Notification Templates Management API
        • Organization discovery API
        • Organization discovery configuration management API
        • Organization management API
          • Roles v2 API
          • Roles v1 API (deprecated)
        • Rule Metadata API
            • Configuration management API
            • Retrieve Tenant Resources Based on Search Parameters
            • Identity Governance API introduction
            • Identity governance API
          • Keystore management API
          • User store management API
          • CORS API
            • Overview
            • Consent management API
        • Session management API
        • Server configuration API
        • User credential management API
        • User Functionality management API
          • SCIM 2.0 API
            • SCIM 2.0 Users API
            • SCIM 2.0 Groups API
            • SCIM 2.0 Patch operations
            • SCIM 2.0 Bulk API
            • SCIM 2.0 Schema API
            • SCIM 2.0 Batch operations
            • SCIM 2.0 Resource types API
            • SCIM 2.0 Service provider configuration API
            • Account recovery v0.9 API
            • Account recovery v1 API (deprecated)
            • Account recovery v2 API
          • Offline user onboard management API
          • Self Sign-Up API
          • User Account Association API
          • Verification Code Management API
          • Identity verification API
          • V1 (deprecated)
          • V2
        • Validation rules API
        • Verifiable Credential Template Management API
        • Webhook Management API
        • Webhook Metadata API
        • Workflow Management API
      • Organization APIs
        • Get access for organization APIs
        • Action Management API
        • API resource management API
          • Application management API (Shared Applications)
          • Application management API
        • Authenticators API
        • Certificate Validation Management API
        • Branding management API
        • Claim management API
          • Email templates v1 API
          • Email templates v2 API
        • Identity governance API
        • Identity provider management API
        • Identity recovery API
        • Idle accounts identification API
        • Invite parent organization's users API
          • Notification sender v1 API (deprecated)
          • Notification sender v2 API
        • Notification Templates Management API
        • Offline user onboard management API
        • Organization discovery API
        • Organization management API
        • Rule Metadata API
        • SCIM 2.0 Bulk API
        • SCIM 2.0 Group management API
        • SCIM 2.0 Role management API
        • Server configuration API
        • User credential management API
        • User management
          • SCIM 2.0 Users API
          • SCIM 2.0 Groups API
          • SCIM 2.0 Bulk API
          • User Account Association API
          • Verification Code Management API
        • User sharing management API
        • User sharing management API V2
        • User store management API
        • Validation rules API
        • FIDO API
        • Organization Me API
        • Session management API
        • SCIM 2.0 Me API
        • TOTP API
        • Push Notification Device API
        • User account association API
        • User discoverable application API
        • Identity Verification
        • Self password update API
        • Verification Code Management Me API
        • Approval API
    • References
      • Feature deprecation
      • Configuration catalog
        • User roles
        • Track user deletion
        • Self registration confirmation
      • App configurations
        • OIDC configurations
        • SAML configurations
        • WS-Federation configurations
      • IdP configurations
        • OIDC configurations
        • SAML configurations
        • Conditional auth - API
      • Authorization policies for apps
        • Email templates
        • SMS templates
            • API contract to implement
              • API v1.0 contract to implement
              • API v1.1 contract to implement
            • Sample success reponses
              • API v1.0 contract to implement
            • Sample success responses
              • API v1.0 contract to implement
              • API v1.1 contract to implement
              • API v2.0 contract to implement
              • API v1.0 contract to implement
      • Architecture
      • IS extensions
            • Write a custom OAuth2 grant type
            • Configure a custom token issuer
            • Write custom functions for conditional authentication
          • Write a custom local authenticator
          • Write a post-authentication handler
          • Write a custom federated authenticator
          • Write a custom event handler
          • SCIM2 Custom User Schema Support
          • Write a custom user store manager
      • Default ports
      • Troubleshoot
        • Error catalog
        • API error catalog
        • App-native error catalog
        • Verifiable credentials with Microsoft Entra Verified ID
        • Verifiable credentials with MATTR
        • Send notifications through an external scheduled task
        • Configure Choreo for silent password migration
        • Build your own push authenticator app
        • Use WSO2 Identity Server with identity gateways
          • OAuth2 Proxy
          • Oathkeeper
          • Mod Auth OpenIDC
        • OAuth2 grant types
        • OAuth2 Pushed Authorization Requests
        • Token binding
          • Client-request
          • DPoP
        • Client Secret & Token hashing
        • Financial-grade API
        • App-native authentication
        • OIDC session management
        • Push Notification based authentication
        • OpenID for verifiable credential issuance (OID4VCI)
        • Introduction 4 mins
        • Prerequisite 2 mins
        • Pre-Issue Access Token Action Use Case 4 mins
        • Configure Pre-Issue Access Token Action with Choreo 5 mins
        • Configure Pre-Issue Access Token Action with Vercel 5 mins
        • Configure Pre-Issue Access Token Action with AWS Lambda 5 mins
        • Pre-Update Password Action Use Case 4 mins
        • Configure Pre-Update Password Action with Choreo 5 mins
        • Configure Pre-Update Password Action with Vercel 5 mins
        • Configure Pre-Update Password Action with AWS Lambda 5 mins
        • Introduction 2 mins
        • Prerequisite 30 secs
        • Configure an application 2 min
        • Create a React app 2 min
        • Configure Asgardeo SDK 2 min
        • Add login and logout 2 min
        • Display user details 2 min
        • Securing Routes 2 min
        • Accessing protected API 2 min
        • Manage tokens in React 2 min
        • Next Steps 1 min
        React
          • Introduction 2 mins
          • Prerequisite 30 secs
          • Register an application 2 min
          • Create a Next.js app 2 min
          • Configure Asgardeo SDK 2 min
          • Add login and logout 2 min
          • Display user details 4 min
          • Securing Routes 4 min
          • Accessing protected API 2 min
          • Manage tokens in Next.js 2 min
          • Next Steps 1 min
          Redirect-Based
          • Introduction 2 mins
          • Prerequisites 30 secs
          • Register an application 2 min
          • Create an app for app-native authentication 2 min
          • Configure Asgardeo SDK 2 min
          • Add login and logout 10 min
          • Add MFA using app-native APIs 5 min
          • Add Social Login using app-native APIs 5 min
          • Manage tokens in app-native apps 2 min
          • Next Steps 1 min
          App-Native
        • Introduction 2 mins
        • Prerequisite 30 secs
        • Register an application 2 min
        • Create an Angular app 2 min
        • Configure Auth provider 2 min
        • Add login and logout 2 min
        • Display user details 2 min
        • Securing Routes 2 min
        • Accessing protected API 2 min
        • Manage tokens in Angular 2 min
        • Next Steps 1 min
        Angular
        • Introduction 2 mins
        • Prerequisite 30 secs
        • Register an application 2 min
        • Create a JavaScript app 2 min
        • Configure Asgardeo SDK 2 min
        • Add login and logout 2 min
        • Display user details 2 min
        • Accessing protected API 2 min
        • Manage tokens in JavaScript 2 min
        • Next Steps 1 min
        Javascript
        • Introduction 2 mins
        • Prerequisite 30 secs
        • Configure an application 2 min
        • Create an Express.js app 2 min
        • Configure Passport Asgardeo 2 min
        • Add login and logout 2 min
        • Persist user sessions 2 min
        • Display user details 2 min
        • Securing Routes 2 min
        • Accessing protected API 2 min
        • Next Steps 1 min
        Express.js
        • Introduction 2 mins
        • Prerequisites 30 secs
        • Register an application 2 min
        • Create a .NET app 2 min
        • Configure auth properties 2 min
        • Add login and logout 10 min
        • Securing Routes 5 min
        • Display user details 5 min
        • Accessing protected API 2 min
        • Manage tokens in .NET 2 min
        • Next Steps 1 min
        .NET

    Add social login

    Add social login to your applications with WSO2 Identity Server

    Facebook Facebook GitHub GitHub GitHub Google Google Microsoft Microsoft Apple Apple Apple X X
    X
    Back to top

    Join our Discord

    Connect with our community on our official Discord server. Share ideas, get help, and be a part of the awesome conversations!

    Join Discord
    Ask on Stackoverflow
    Head over to GitHub
    Follow us on X (Formerly Twitter)
    Subscribe to our YouTube Channel
    © 2024-2026 WSO2 LLC.  |  Content licensed under CC By 4.0. | Sample code licensed under Apache 2.0.