Integrating SSO Providers

SSO Providers let your users sign in with email/password or with accounts they already have on other services (like Google, GitHub, or Slack). You connect the provider once, and WeWeb uses it to handle sign in, sign out, and basic identity for your app.

What SSO Providers do

• Let users choose how to sign in — Email/password, social accounts, or single sign‑on depending on the provider
• Centralise identity — Delegate sign in to a trusted provider instead of storing passwords yourself
• Work with roles and access — Combine providers with WeWeb Users and Roles so you can restrict pages, collections, and endpoints

How to set up a provider (high level)

1. Open Data & API → Authentication → SSO Providers
2. Choose the provider you want to enable
3. Follow the in‑product steps to connect your provider account and copy/paste the required keys or credentials
4. Save and test by signing in with a test user

After enabling a provider, new users can sign in with that method. You can still create test users manually when needed.

Using the Sign in with social provider action

Once at least one social provider is configured, you use the Sign in with social provider action in an Interface workflow to let users log in.

Where to use this action

• Login buttons and links — Add the action to a button on your login or landing page so users can click “Sign in with Google”, “Sign in with GitHub”, and so on.
• Multi‑step sign‑in flows — Combine it with other actions (for example, Try/Catch, Open popup, or Change page) to show errors or route users to different parts of your app.

Action options

When you add Sign in with social provider to a workflow, you configure a few key options:

• Provider — The social provider to use. You can only select providers you enabled in Data & API → Authentication → SSO Providers.
• Success page — Where to send users after a successful sign in (for example a dashboard page).
• Error page — Where to send users if sign in fails (for example a “Sign-in failed” page with a retry button).
• New user page — Optional page for first‑time users (useful for onboarding).
• Disable redirect — Keeps the user on the current page after sign in, so you can handle navigation yourself (for example with a Change page action).

These page selections are used as redirect URLs (the URLs the provider sends users back to after login). This is why your provider dashboard setup usually asks you to add one or more “redirect URLs”, “callback URLs”, or “allowed return URLs”.

Example: basic social sign in flow

1. Add a button to your login page and label it “Continue with Google”.
2. Create a workflow on click and add the Sign in with social provider action.
3. Set:
   • Provider To google.
   • Success page To your main dashboard.
   • Error page To a simple “Sign‑in failed” page with a retry button.
   • New user page To an onboarding page (optional).
4. Preview the project and sign in with a test Google account.
5. Confirm that:
   • You are redirected to the correct page.
   • The user is authenticated (for example, sections that require authentication now show and your protected API Endpoints accept the request).

After this point, all providers behave the same way: once a user is signed in, they follow the same rules as any other authenticated user. For details on roles, access checks, and how to protect data, see the Users and roles page and related auth documentation.

All SSO Providers

Below is a quick view of built‑in providers you can enable. Click a provider to open its dedicated setup guide (where available).

Email/password

Native sign up and sign in with email, passwords, OTP, and magic links.

Learn more

Amazon Cognito

Let users sign in through your Amazon Cognito user pool.

Learn more

Apple

Let users sign in with their Apple ID (Sign in with Apple).

Learn more

Atlassian

Let users sign in with their Atlassian account (Jira, Confluence, and more).

Learn more

Discord

Let users sign in with their Discord account.

Learn more

Dropbox

Let users sign in with their Dropbox account.

Learn more

Facebook

Let users sign in with their Facebook account.

Learn more

Figma

Let users sign in with their Figma account.

Learn more

GitHub

Let users sign in with their GitHub account.

Learn more

GitLab

Let users sign in with their GitLab account.

Learn more

Google

Let users sign in with their Google account.

Learn more

Hugging Face

Let users sign in with their Hugging Face account.

Learn more

Kakao

Let users sign in with their Kakao account.

Learn more

Kick

Let users sign in with their Kick account.

Learn more

LINE

Let users sign in with their LINE account.

Learn more

Linear

Let users sign in with their Linear account.

Learn more

LinkedIn

Let users sign in with their LinkedIn account.

Learn more

Microsoft

Let users sign in with Microsoft accounts (personal or work).

Learn more

Naver

Let users sign in with their Naver account.

Learn more

Notion

Let users sign in with their Notion account.

Learn more

PayPal

Let users sign in with their PayPal account.

Learn more

Polar

Let users sign in with their Polar account.

Learn more

Reddit

Let users sign in with their Reddit account.

Learn more

Roblox

Let users sign in with their Roblox account.

Learn more

Salesforce

Let users sign in with their Salesforce account.

Learn more

Slack

Let users sign in with their Slack account.

Learn more

Spotify

Let users sign in with their Spotify account.

Learn more

TikTok

Let users sign in with their TikTok account.

Learn more

Twitch

Let users sign in with their Twitch account.

Learn more

Twitter (X)

Let users sign in with their X (Twitter) account.

Learn more

Vercel

Let users sign in with their Vercel account.

Learn more

VK

Let users sign in with their VK account.

Learn more

Zoom

Let users sign in with their Zoom account.

Learn more

Continue learning

Review key security features and best practices.

Users and roles overview →