Skip to main content

Overview

django-allauth supports 100+ authentication providers across multiple protocols including OAuth 1.0a, OAuth 2.0, OpenID Connect, and SAML 2.0. Each provider can be configured independently with custom scopes, authentication parameters, and behaviors.

Google

OAuth2 - Profile, email, calendar, drive

GitHub

OAuth2 - User profile, repositories, organizations

Facebook

OAuth2 - Profile, email, friends

Microsoft

OAuth2 - Azure AD, Office 365

Apple

OAuth2 - Sign in with Apple

Twitter

OAuth2 - Profile, tweets

LinkedIn

OAuth2 - Profile, connections

Amazon

OAuth2 - Login with Amazon

GitLab

OAuth2 - Self-hosted & SaaS

All Providers (A-Z)

Discord

Voice, text, and video

Facebook

Social network

Instagram

Photo sharing

Kakao

Korean messaging

Line

Asian messaging

LinkedIn

Professional network

Reddit

Discussion platform

Slack

Team communication

Snapchat

Multimedia messaging

Telegram

Messaging platform

TikTok

Short video

Tumblr

Microblogging

Twitter

Social media

Twitch

Game streaming

Vimeo

Video platform

VK

Russian social

Weibo

Chinese social

Weixin

WeChat platform

WhatsApp

Messaging

Zoom

Video conferencing

Bitbucket

Git hosting

Gitea

Self-hosted Git

GitHub

Code hosting

GitLab

DevOps platform

Stack Exchange

Q&A network

Auth0

Identity platform

Authentiq

Identity provider

Atlassian

Jira, Confluence

Azure AD

Microsoft identity

Keycloak

Open source IAM

LemonLDAP

SSO framework

NetIQ

Access management

Okta

Identity service

SAML

Enterprise SSO

OpenID Connect

Modern SSO

Amazon

AWS services

Box

Cloud storage

DigitalOcean

Cloud hosting

Dropbox

File storage

Evernote

Note taking

Google

Gmail, Drive, Calendar

HubSpot

CRM platform

Microsoft

Office 365, OneDrive

Nextcloud

Self-hosted cloud

Notion

Workspace

Salesforce

CRM platform

Shopify

E-commerce

Trello

Project management

Zoho

Business suite

Coinbase

Cryptocurrency

PayPal

Payments

Questrade

Trading platform

QuickBooks

Accounting

Robinhood

Trading app

Stripe

Payment processing

YNAB

Budget app

23andMe

Genetic testing

Strava

Fitness tracking

TrainingPeaks

Athletic training

Wahoo

Fitness devices

Flickr

Photo sharing

Pinterest

Visual discovery

SoundCloud

Audio streaming

Spotify

Music streaming

Steam

Gaming platform

Untappd

Beer tracking

Agave

Research computing

CERN

Research organization

CILogon

Academic identity

Globus

Research data

JupyterHub

Notebooks

ORCID

Researcher ID

Baidu

Chinese search

Daum

Korean portal

Draugiem

Latvian social

Kakao

Korean platform

Line

Asian messaging

Mail.ru

Russian email

Naver

Korean search

Odnoklassniki

Russian social

Yandex

Russian search

AngelList

Startup platform

Asana

Task management

Basecamp

Project management

Battle.net

Blizzard gaming

Clever

Education platform

Dataporten

Norwegian education

DingTalk

Enterprise communication

Discogs

Music database

Doximity

Medical network

Drip

Email marketing

Dwolla

Payment API

Edmodo

Education platform

edX

Online learning

Eventbrite

Event management

EVE Online

Gaming

Exist

Life tracking

Feedly

RSS reader

Feishu

Lark platform

Figma

Design tool

500px

Photography

Frontier

Elite Dangerous

Firefox Accounts

Mozilla identity

Gumroad

Creator platform

Lichess

Chess platform

Mailchimp

Email marketing

Mailcow

Email server

MediaWiki

Wiki platform

Meetup

Event platform

Miro

Collaboration

OpenStreetMap

Mapping platform

Patreon

Creator support

Pocket

Read later

ShareFile

File sharing

Stocktwits

Stock social

WindowsLive

Microsoft services

Xing

Professional network

Yahoo

Yahoo services

Protocol Categories

OAuth 2.0 Providers

Most modern providers use OAuth 2.0. These require:
  • Client ID and secret from provider’s developer portal
  • Redirect URI configuration
  • Optional scope configuration
Popular OAuth2 providers: Google, GitHub, Facebook, Microsoft, Twitter (v2), LinkedIn, Amazon

OAuth 1.0a Providers

Legacy OAuth protocol, still used by some providers: OAuth1 providers: Twitter (original), Flickr, Discogs

OpenID Connect (OIDC)

Modern identity layer built on OAuth 2.0:
  • Standardized user info endpoint
  • ID tokens with user claims
  • Discovery via .well-known endpoints
  • Support for multiple independent providers
Configuration: 
SOCIALACCOUNT_PROVIDERS = {
    'openid_connect': {
        'APPS': [
            {
                'provider_id': 'my-sso',
                'name': 'Company SSO',
                'client_id': 'client-id',
                'secret': 'client-secret',
                'settings': {
                    'server_url': 'https://sso.company.com',
                },
            },
        ],
    }
}

SAML 2.0

Enterprise SSO protocol:
  • XML-based authentication
  • Support for multiple Identity Providers
  • Complex attribute mapping
  • Metadata exchange
Installation: 
pip install "django-allauth[saml]"
Configuration: 
SOCIALACCOUNT_PROVIDERS = {
    'saml': {
        'APPS': [
            {
                'name': 'Company SAML',
                'provider_id': 'urn:company.com',
                'client_id': 'company-slug',
                'settings': {
                    'idp': {
                        'entity_id': 'urn:company.com',
                        'metadata_url': 'https://company.com/saml/metadata',
                    },
                },
            },
        ],
    }
}

Provider Setup Guide

1. Add to INSTALLED_APPS

INSTALLED_APPS = [
    # ...
    'allauth.socialaccount.providers.google',
    'allauth.socialaccount.providers.github',
    # Add more providers as needed
]

2. Register App with Provider

Each provider requires app registration:
  1. Visit provider’s developer portal
  2. Create new OAuth application
  3. Configure redirect URI: https://yourdomain.com/accounts/{provider}/login/callback/
  4. Note client ID and secret

3. Configure in Django

Settings-based: 
SOCIALACCOUNT_PROVIDERS = {
    'provider_name': {
        'APPS': [
            {
                'client_id': 'your-client-id',
                'secret': 'your-secret',
            },
        ],
    }
}
Or via Django admin at /admin/socialaccount/socialapp/

Provider-Specific Guides

Google

Developer Console: https://console.developers.google.com/ Configuration: 
INSTALLED_APPS = [
    'allauth.socialaccount.providers.google',
]

SOCIALACCOUNT_PROVIDERS = {
    'google': {
        'APPS': [
            {
                'client_id': 'your-client-id.apps.googleusercontent.com',
                'secret': 'your-client-secret',
            },
        ],
        'SCOPE': ['profile', 'email'],
        'AUTH_PARAMS': {
            'access_type': 'online',
        },
        'OAUTH_PKCE_ENABLED': True,
    }
}
Redirect URI: https://yourdomain.com/accounts/google/login/callback/ One Tap Sign-In: 
<script src="//accounts.google.com/gsi/client" async></script>
<div id="g_id_onload"
     data-client_id="your-client-id.apps.googleusercontent.com"
     data-login_uri="{% url 'google_login_by_token' %}">
</div>

GitHub

Developer Settings: https://github.com/settings/applications/new Configuration: 
INSTALLED_APPS = [
    'allauth.socialaccount.providers.github',
]

SOCIALACCOUNT_PROVIDERS = {
    'github': {
        'APPS': [
            {
                'client_id': 'your-github-client-id',
                'secret': 'your-github-secret',
            },
        ],
        'SCOPE': ['user', 'repo', 'read:org'],
        'VERIFIED_EMAIL': True,
    }
}
Redirect URI: https://yourdomain.com/accounts/github/login/callback/ GitHub Enterprise: 
SOCIALACCOUNT_PROVIDERS = {
    'github': {
        'GITHUB_URL': 'https://github.company.com',
    }
}

Facebook

Developer Portal: https://developers.facebook.com/ Configuration: 
INSTALLED_APPS = [
    'allauth.socialaccount.providers.facebook',
]

SOCIALACCOUNT_PROVIDERS = {
    'facebook': {
        'APPS': [
            {
                'client_id': 'your-app-id',
                'secret': 'your-app-secret',
            },
        ],
        'METHOD': 'oauth2',
        'SCOPE': ['email', 'public_profile'],
        'FIELDS': [
            'id',
            'email',
            'name',
            'first_name',
            'last_name',
            'verified',
        ],
        'VERIFIED_EMAIL': False,
    }
}

Microsoft / Azure AD

Azure Portal: https://portal.azure.com/ Configuration: 
INSTALLED_APPS = [
    'allauth.socialaccount.providers.microsoft',
]

SOCIALACCOUNT_PROVIDERS = {
    'microsoft': {
        'APPS': [
            {
                'client_id': 'your-application-id',
                'secret': 'your-client-secret',
            },
        ],
        'TENANT': 'common',  # or your tenant ID
    }
}

Apple

Developer Portal: https://developer.apple.com/ Configuration: 
INSTALLED_APPS = [
    'allauth.socialaccount.providers.apple',
]

SOCIALACCOUNT_PROVIDERS = {
    'apple': {
        'APPS': [
            {
                'client_id': 'com.yourcompany.service',
                'secret': 'your-secret',
                'key': 'your-key-id',
                'settings': {
                    'certificate_key': '''-----BEGIN PRIVATE KEY-----
Your private key here
-----END PRIVATE KEY-----''',
                },
            },
        ],
    }
}

Twitter (OAuth2)

Developer Portal: https://developer.twitter.com/ Configuration: 
INSTALLED_APPS = [
    'allauth.socialaccount.providers.twitter_oauth2',
]

SOCIALACCOUNT_PROVIDERS = {
    'twitter_oauth2': {
        'APPS': [
            {
                'client_id': 'your-client-id',
                'secret': 'your-client-secret',
            },
        ],
    }
}

Common Scopes Reference

Google Scopes

  • profile: Basic profile information
  • email: Email address
  • openid: OpenID Connect
  • https://www.googleapis.com/auth/calendar: Calendar access
  • https://www.googleapis.com/auth/drive: Drive access

GitHub Scopes

  • user: Read user profile
  • user:email: Access email addresses
  • repo: Full repository access
  • read:org: Read organization data
  • gist: Gist access

Facebook Permissions

  • public_profile: Basic profile
  • email: Email address
  • user_friends: Friends list
  • user_birthday: Birthday

Microsoft Scopes

  • openid: OpenID Connect
  • profile: User profile
  • email: Email address
  • User.Read: Read user profile
  • offline_access: Refresh tokens

Testing Providers

Development Redirect URIs

For local testing:
  • http://127.0.0.1:8000/accounts/{provider}/login/callback/
  • http://localhost:8000/accounts/{provider}/login/callback/

Production Redirect URIs

  • https://yourdomain.com/accounts/{provider}/login/callback/
  • https://www.yourdomain.com/accounts/{provider}/login/callback/
Configure both HTTP and HTTPS redirect URIs in provider settings if needed for development vs production.

Template Usage

{% load socialaccount %}

<a href="{% provider_login_url 'google' %}">
  Login with Google
</a>

<a href="{% provider_login_url 'github' %}">
  Login with GitHub
</a>

With Next Parameter

{% load socialaccount %}

<a href="{% provider_login_url 'google' next='/dashboard/' %}">
  Login with Google
</a>

Display Connected Accounts

{% load socialaccount %}

{% get_social_accounts user as accounts %}

{% for account in accounts %}
  <p>Connected: {{ account.provider }} - {{ account }}</p>
{% endfor %}

Next Steps

Configuration

Detailed configuration options for providers

Advanced Usage

Customize scopes, adapters, and provider behavior