Common OAuth Providers
This page contains tutorials for configuring some common OAuth providers.
Google
- Navigate to https://console.developers.google.com and create a new project
- Using the left sidebar, navigate to "API and services" and then to "Credentials"
- Click "Create Credentials" and then click "OAuth client ID"
- Choose "Web application" as "Application type", type the name of your application and click "Create"
- Take note of the "Client ID" and "Client secret" shown
- On Astuto, navigate to "Site Settings > Authentication" and click "New"
- Fill the form with the following values and click "Save":
  - Name: Google
  - Client ID: the Client ID you took note of
  - Client Secret: the Client Secret you took note of
  - Authorize URL: https://accounts.google.com/o/oauth2/v2/auth
  - Token URL: https://accounts.google.com/o/oauth2/token
  - Scope: https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile
  - Profile URL: https://www.googleapis.com/oauth2/v2/userinfo
  - JSON path to user email: email
  - JSON path to user name: name
- On Astuto, navigate to "Site Settings > Authentication" and click "Copy URL" next to the Google OAuth
- On Cloud Console, edit the newly created OAuth Client
- Under "Authorised redirect URIs", click "Add URI", paste the copied URL and click "Save"
- On Astuto, test the newly configured provider
Facebook
- Navigate to https://developers.facebook.com/apps/creation/, create a new project and follow the instructions
- Then, from your project dashboard, in the lower left corner, click "App settings" and then "Basic"
- Take note of the "App ID" and "App secret"
- On Astuto, navigate to "Site Settings > Authentication" and click "New"
- Fill the form with the following values and click "Save":
  - Name: Facebook
  - Client ID: the App ID you took note of
  - Client Secret: the App Secret you took note of
  - Authorize URL: https://www.facebook.com/v19.0/dialog/oauth
  - Token URL: https://graph.facebook.com/v19.0/oauth/access_token
  - Scope: email
  - Profile URL: https://graph.facebook.com/v19.0/me?fields=email,name
  - JSON path to user email: email
  - JSON path to user name: name
- On Astuto, navigate to "Site Settings > Authentication" and click "Copy URL" next to the Facebook OAuth
- Then, from your Facebook project dashboard, in the left sidebar, click "Use cases" and, on the right of "Authentication and account creation", click the "Customize" button
- Add "email" under "Permissions" if not already activated
- Click "Go to settings" button
- In "Valid OAuth Redirect URIs" paste the copied URL and click "Save changes"
- On Astuto, test the newly configured provider
Discord
- Navigate to https://discord.com/developers/applications and click "New Application"
- Type the name of your application (e.g. "Astuto"), accept the terms of service and click "Create"
- Using the left sidebar, navigate to "OAuth2 > General"
- Take note of the "Application ID" shown
- Click "Reset Secret" and take note of the "Client Secret" shown
- On Astuto, navigate to "Site Settings > Authentication" and click "New"
- Fill the form with the following values and click "Save":
  - Name: Discord
  - Client ID: the Application ID you took note of
  - Client Secret: the Client Secret you took note of
  - Authorize URL: https://discord.com/oauth2/authorize
  - Token URL: https://discord.com/api/oauth2/token
  - Scope: email identify
  - Profile URL: https://discord.com/api/users/@me
  - JSON path to user email: email
  - JSON path to user name: username
- On Astuto, navigate to "Site Settings > Authentication" and click "Copy URL" next to the Discord OAuth
- On Discord, navigate again to "OAuth2 > General"
- Click "Add Redirect", paste the copied URL and click "Save"
- On Astuto, test the newly configured provider
GitHub
This is an advanced configuration
If you don't understand what's going on in the following configuration, you may want to take a look at the advanced OAuth configuration instructions.
- Navigate to https://github.com/settings/developers and click "New OAuth App"
- Type the name of your application (e.g. "Astuto")
- Type your homepage URL
- Since we do not have a callback URL yet, enter the homepage URL again. We will edit it later.
- Click "Register application"
- Click "Generate client secret", then take note of "Client ID" and "Client secret"
- On Astuto, navigate to "Site Settings > Authentication" and click "New"
- Fill the form with the following values and click "Save":
  - Name: GitHub
  - Client ID: the Client ID you took note of
  - Client Secret: the Client Secret you took note of
  - Authorize URL: https://github.com/login/oauth/authorize
  - Token URL: https://github.com/login/oauth/access_token
  - Scope: user
  - Profile URL: https://api.github.com/user/emails;https://api.github.com/user
  - JSON path to user email: profile0[0].email
  - JSON path to user name: profile1.name
- On Astuto, navigate to "Site Settings > Authentication" and click "Copy URL" next to the GitHub OAuth
- On GitHub, on the OAuth page, scroll all the way down. Paste the copied URL to "Authorization callback URL"
- Click "Update application"
- On Astuto, test the newly configured provider
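The GitHub settings above combine two Profile URLs with the paths profile0[0].email and profile1.name. The Ruby sketch below is an added example, not Astuto's own code: it assumes, from the values on this page, that a single Profile URL makes its response the root object and that several ";"-separated URLs are exposed as profile0, profile1, and so on. The response bodies are constructed samples, and path_tokens, resolve_path, profile_root and github_identity are hypothetical names.

```ruby
require "json"

# Constructed sample bodies shaped like GitHub's /user/emails and /user responses.
EMAILS_BODY = '[{"email":"old@example.org","primary":false,"verified":false},' \
              '{"email":"dev@example.com","primary":true,"verified":true}]'
USER_BODY   = '{"login":"octo-dev","name":"Dev Example"}'

# Split "profile0[0].email" into ["profile0", 0, "email"].
def path_tokens(path)
  path.scan(/[^.\[\]]+|\[\d+\]/).map { |t| t.start_with?("[") ? t[1..-2].to_i : t }
end

# Walk parsed JSON along the path; yields nil as soon as a step is missing.
def resolve_path(root, path)
  path_tokens(path).reduce(root) do |node, tok|
    if tok.is_a?(Integer)
      node.is_a?(Array) ? node[tok] : nil
    else
      node.is_a?(Hash) ? node[tok] : nil
    end
  end
end

# Assumed from the page's values: a single Profile URL makes its response the
# root; several ";"-separated URLs are exposed as profile0, profile1, ...
def profile_root(profile_urls, bodies)
  docs = bodies.map { |b| JSON.parse(b) }
  return docs.first if profile_urls.split(";").length == 1
  docs.each_with_index.map { |doc, i| ["profile#{i}", doc] }.to_h
end

# Resolve both paths, then report the primary/verified flags of the chosen address.
def github_identity(email_path, name_path)
  urls = "https://api.github.com/user/emails;https://api.github.com/user"
  root = profile_root(urls, [EMAILS_BODY, USER_BODY])
  email = resolve_path(root, email_path)
  entry = root["profile0"].find { |e| e["email"] == email } || {}
  { email: email, name: resolve_path(root, name_path),
    primary: entry["primary"] == true, verified: entry["verified"] == true }
end

p github_identity("profile0[0].email", "profile1.name")
```

With the constructed sample, index 0 selects an address whose primary and verified flags are both false, so check those fields in the real /user/emails response when testing the provider.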
Microsoft Entra ID (Azure AD)
- Navigate to https://aad.portal.azure.com/ and find "Manage -> App registrations"
- Click "New registration"
- Type the name of your application (e.g. "Astuto")
- Choose which kinds of users are allowed to log in. Select "Single tenant" if you only need to provide access to users in your organisation
- The Redirect URI will be entered later
- Click "Register"
- On the new application frontpage take note of the "Application ID" and "Directory (Tenant) ID" shown
- Also click the "Endpoints" link at the top, where you can view the Authorize URL and Token URL.
- Navigate to "Certificates & secrets" in the left menu and click "New Client Secret"
- Give the newly created secret a description and set an expiry date.
- Click "Add" and note the secret value. It cannot be displayed again.
- On Astuto, navigate to "Site Settings > Authentication" and click "New"
- Fill the form with the following values and click "Save":
  - Name: Microsoft
  - Client ID: the Application ID you took note of
  - Client Secret: the Client Secret you took note of
  - Authorize URL: https://login.microsoftonline.com/<TenantID>/oauth2/v2.0/authorize
  - Token URL: https://login.microsoftonline.com/<TenantID>/oauth2/v2.0/token
  - Scope: openid
  - Profile URL: https://graph.microsoft.com/oidc/userinfo
  - JSON path to user email: email
  - JSON path to user name: name
- On Astuto, navigate to "Site Settings > Authentication" and click "Copy URL" next to the Microsoft OAuth
- On Microsoft Entra, navigate again to the created app registration and click "Authentication"
- Click "Add platform", choose "Web", paste the copied URL into "Redirect URIs" and click "Configure"
- On Astuto, test the newly configured provider