How to add social logins in your app with WorkOS
Learn what social logins are, how they work, and how you can integrate them into your app using WorkOS.
Social logins started gaining traction in the late 2000s as social media platforms became popular. Today, it's quite rare to see a login form for a general consumer app that doesn’t offer at least one form of social login, whether from Google, Microsoft, or Facebook, among others. Customers expect it.
In this article, we will see what social logins are, how they work, and how you can easily integrate them into your app using WorkOS.
What is a social login?
Social logins, also known as social sign-on, are a type of authentication that allows users to sign in to websites and apps using their existing social media accounts, such as Google, Twitter, or LinkedIn. They were developed as a solution to "password fatigue" — the exhaustion and frustration that come from managing numerous online accounts and authentication credentials.
When you see a button that says "Log in with Facebook" or "Sign in with Google," you're looking at a social login option. This feature takes advantage of the widespread use of social media to make accessing new sites and apps more straightforward and faster.
How do social logins work?
The backbone of social logins lies in authentication protocols like OAuth 2.0 and OpenID Connect, which are standards for securely granting access and sharing information between websites.
OAuth 2.0 is an authorization framework that was built to allow one app to access another app on behalf of a user. This way you can integrate your app with a user’s Google Calendar and have their calendar events listed in your app. OAuth issues an access token — a piece of digital data — that grants you limited access to the specific data the user has agreed to share. OAuth by itself does not provide a standard way to authenticate users. That’s where OpenID Connect comes into play.
OpenID Connect (OIDC) is built on top of OAuth. It's basically an add-on that not only says, "Yes, this person is who they say they are," but also adds extra information about a user, like their email address or profile link. It enables signing users in without the need for extra passwords and helps your app securely know more about the user.
Together, OIDC and OAuth enable social logins.
Each social login provider implements social login slightly differently, but the general process looks like this:
- When a user clicks on a social login button (e.g., "Sign up with Google"), they are redirected to the social media platform's login page.
- The user logs into their social media account and grants permission to your app to access certain profile information. This permission might include basic profile details like name, email address, and profile picture.
- The social media site generates a token (a small piece of data confirming the user's identity) for your app. This token proves the user has successfully logged in through the social platform.
- Your app receives the token, verifies it, and allows the user to access its services.
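The last step, "verifies it", is where most of the security of the flow sits. The following is an added example, not WorkOS or provider code: it shows the checks an app applies to an OIDC ID token (pinned algorithm, signature, issuer, audience, expiry, nonce). `signIdToken` is a hypothetical stand-in for the provider, and the issuer, client ID, nonce and key pair are constructed sample values.

```javascript
// Added example: what "verifies it" involves for an OIDC ID token (RS256).
const { generateKeyPairSync, createSign, createVerify } = require('node:crypto');

const b64url = (v) => Buffer.from(v).toString('base64url');
const fail = (reason) => ({ ok: false, reason });

// Stand-in for the social provider (hypothetical helper): signs the claims.
function signIdToken(claims, privateKey, alg = 'RS256') {
  const input = `${b64url(JSON.stringify({ alg, typ: 'JWT' }))}.${b64url(JSON.stringify(claims))}`;
  return `${input}.${createSign('RSA-SHA256').update(input).sign(privateKey).toString('base64url')}`;
}

// App side: check the signature first, then issuer, audience, expiry and nonce.
function verifyIdToken(token, publicKey, expected, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return fail('malformed');
  const [h, p, s] = parts;
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(h, 'base64url').toString());
    claims = JSON.parse(Buffer.from(p, 'base64url').toString());
  } catch {
    return fail('malformed');
  }
  if (!header || !claims) return fail('malformed');
  // Pin the algorithm instead of trusting the token header (rejects "none").
  if (header.alg !== 'RS256') return fail('bad alg');
  const sigOk = createVerify('RSA-SHA256').update(`${h}.${p}`).verify(publicKey, Buffer.from(s, 'base64url'));
  if (!sigOk) return fail('bad signature');
  if (claims.iss !== expected.issuer) return fail('bad issuer');
  // A token issued to a different app must not log anyone in to this one.
  if (![].concat(claims.aud).includes(expected.clientId)) return fail('bad audience');
  if (typeof claims.exp !== 'number' || claims.exp <= nowSec) return fail('expired');
  // The nonce ties the token to the login request this session started.
  if (claims.nonce !== expected.nonce) return fail('bad nonce');
  return { ok: true, claims };
}

// Constructed sample values; a real app uses the provider's published keys.
const { publicKey, privateKey } = generateKeyPairSync('rsa', { modulusLength: 2048 });
const now = 1700000000;
const expected = { issuer: 'https://idp.example', clientId: 'client_123', nonce: 'n-4f2a' };
const claims = { iss: expected.issuer, aud: expected.clientId, sub: 'user_1',
  email: 'ada@example.com', exp: now + 300, nonce: expected.nonce };

const good = signIdToken(claims, privateKey);
const otherApp = signIdToken({ ...claims, aud: 'client_999' }, privateKey);
const [hh, , ss] = good.split('.');
const tampered = `${hh}.${b64url(JSON.stringify({ ...claims, email: 'eve@example.com' }))}.${ss}`;
```

Calling `verifyIdToken(good, publicKey, expected, now)` accepts the token, while `otherApp` and `tampered` are rejected with a reason string.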
Why add social logins to your SaaS?
Social logins are a win-win feature for both you as a SaaS provider and your users.
Some of the benefits for you are:
- Increased user acquisition and conversion rates: With an easy signup process, you'll convert more visitors into registered users. Users are more likely to sign up for a service if the process is fast and straightforward, as they don't have to fill out lengthy form fields and create new login credentials.
- Reduced support costs: Handling issues like password recovery can be resource-intensive. With social logins, much of the burden of managing account security and recovery is shifted to social media platforms, potentially reducing the volume of support queries related to account access issues.
- Enhanced data accuracy and rich user profiles: When users log in with their social media accounts, your app immediately accesses verified and up-to-date personal information. This data allows you to build detailed user profiles from the moment users register, which is crucial for personalized marketing and customized user experience.
- Reduced responsibility for user data security: With social logins, the responsibility of securing login credentials shifts to the social media platforms rather than you. This can reduce the burden on your SaaS to protect this aspect of user data, though you still need to ensure the security of the data you collect and handle within your application.
For your customers, adding social logins to your SaaS means:
- Convenience and ease of use: Users can access your service more quickly without the need to create yet another account. This convenience is a significant draw, especially for new users wanting to try out your app.
- Trust and familiarity: Logging in with a familiar social media account can make users feel more secure and confident in the trustworthiness of your app, especially if they are wary of sharing personal information with a new or less familiar service.
- Streamlined account management: Users no longer need to manage multiple credentials or go through tedious account recovery processes for your service. If they need to recover their account, they can do so through their social media platform, which is often a more familiar and streamlined process.
What social providers can you support with WorkOS?
WorkOS supports the following social providers:
You can also set up a generic OIDC connection if you want to support a wider range of providers, like Dropbox or Reddit.
How to implement social login using WorkOS
You can implement social login with WorkOS using:
- AuthKit, a customizable hosted login box, powered by Radix. AuthKit abstracts away all the complexity of building social authentication. It automatically makes the necessary API calls, routes users through OAuth providers, and handles all potential error states and edge cases, so you don’t have to worry about them.
- The user management API. Use this option if you prefer to design, build, and manage your own authentication UI.
In either case, you first have to set up and activate the social login providers you want to use. You can do that in the Authentication section of the WorkOS dashboard.
Select the OAuth providers you want to support. You will see options for Google, Apple, Microsoft, and GitHub.
Next, you have to get credentials from the social provider. The configuration process will vary based on the provider you choose. For Google OAuth, for example, you'll need a Google Client ID and Client Secret. These credentials authenticate your app with Google’s OAuth system. Check our guides for the providers you want to configure:
Once you have the required info, enter it in the dashboard. For example, for Google enter the Client ID and Client Secret.
If you are using AuthKit, each provider you configure is integrated into AuthKit and becomes available as a login option within your app.
Whether you are using AuthKit or your own UI, you can use our SDKs to authenticate users using the WorkOS API.
Social logins vs. SSO
Social logins can be considered a form of Single Sign-On (SSO) that specifically uses social network credentials, but there are some differences between the two:
- Social login is primarily consumer-focused, while SSO is often used in enterprise environments to manage employee access to multiple apps.
- Social logins typically use OAuth or OpenID Connect as their underlying technology, while SSO systems may use other authentication protocols, such as SAML (Security Assertion Markup Language) or Kerberos.
- Social logins give control to the social media platform over what data is shared with your app. The user, however, usually has some level of control over this data through permission settings during login. SSO solutions give the organization control over user credentials and data. This allows an organization to maintain a central directory that handles all user authentications across multiple systems.
The bottom line
The biggest and perhaps the most impactful advantage of adding social logins to your app is increased conversion rates. Users are more likely to sign up when they can do so effortlessly, without the need to remember another set of credentials. This makes social login a must-have authentication option in your sign-up forms, especially if your customers are individual users.