Okta allows your users to sign in to your app using credentials from external social login providers. Once the user has successfully authenticated, they are returned to your app, and their social profile information is pulled into your Okta directory.
Currently Okta supports the following social login providers:
Configuring social login with Okta allows you to use the following features:
User Registration: Capture the Profile attributes from a Social Identity Provider user and store those attributes in Okta’s Universal Directory.
User Authentication: After a user is registered, continue to use that Social Identity Provider for user authentication, thus eliminating the need to store an additional username and password for that user.
Social Profile Sync: If a user updates their Social Profile, those changes can be reflected inside Okta the next time they use social login.
Support for Multiple Social Profiles Multiple Social Profiles can all be linked to one Okta user.
Support for Webhooks: Make callouts to your application during user registration and/or account linking. For example: prompt a user for additional attributes before linking their account, or enable a customized validation or confirmation flow.
OAuth 2.0 Scope Configuration: Specify OAuth 2.0 scopes to fully control which Social Profile attributes are linked to Okta.
The social login process starts at the authentication endpoint, then goes out to the provider and back:
Social authentication requests are canceled if not completed within fifteen minutes.
To set up social login, configure the following:
Every Identity Provider in Okta is linked to an Application, and every time a user signs in with a Social Identity Provider for the first time, an Application User is created for them. The Application User represents the external user at the Social Identity Provider and can be used to map attributes to the Okta User. For more information about how to configure this behavior see Social Identity Provider Settings.