Open J0 opened 2 years ago
Currently, Supabase does not support Steam as an external OAuth provider.
Support Steam as an external OAuth Provider. https://partner.steamgames.com/doc/features/auth
N/A
This article describes how Steam's login method works.
Support Patreon oauth.
See feature request https://github.com/netlify/gotrue/issues/312
Add Quickbooks as an OAuth provider
Hi
I'd like to publish an app that other researchers can contribute to without signing up to anything, just using the orcid credentials they have for publishing to journals. Could you please add Orcid to the OAuth providers?
https://info.orcid.org/documentation/features/public-api/orcid-as-a-sign-in-option-to-your-system/
All the best and many thanks for the great work!
Letting users in with a privacy-friendly OAuth Provider while accessing/verifying user data in a privacy-friendly manner if required. For (at least currently) no cost.
Adding global.id as sign-in/up option and storing requested data in the user metadata.
Didn't really find a good alternative to this provider.
I would like to implement that but I have never used go before, nor do I have a clue on how to integrate it in the existing codebase. Also, the global.id docs are somewhat odd and I've never really dealt with implementing OAuth. Maybe it can be done similar to using Auth0 but instead, use global.id but idk. Article about Supabase with Auth0
Note: Singapore government might move to use SGID
Would love to be able to authenticate users with Foursquare/Swarm
Currently using passport-foursquare
Please add SoundCloud OAuth provider.
To extend music streaming platform authentication.
https://developers.soundcloud.com/docs/api/guide#authentication
Note: there is an existing PR -- #269 which contains an initial implementation
I'd like to let my users log in with their Eth wallet (Metamask, etc)
Just like Uniswap does.
Looks like Redwood has an Eth login.
n/a
Note: there is an existing PR -- https://github.com/supabase/gotrue/pull/269 which contains an initial implementation
Would it be possible to include Auth0 as a login provider? Would like to transition over to Supabase however this is preventing me from doing so.
Tutorial on importing users from Auth0.
Relevant resources:
TikTok recently published their OAuth flow https://developers.tiktok.com/doc/login-kit-web
For the application that I am working on, we convert users from TikTok. Currently, we plan to authenticate them from using Phone authentication, but TikTok support could drastically improve our conversion.
Social login with TikTok is supported similar to existing 3rd party providers.
The only other alternative would be to host our own authentication server and use it in tandem with Supabase. Not particularly ideal.
Note: there is an existing PR -- https://github.com/supabase/gotrue/pull/269 which contains an initial implementation
https://twitter.com/jlengstorf/status/1429611357356187652
https://app.netlify.com/user/applications
Relevant Comments:
Might need to hold off on this one until some of the security issues here are covered: https://community.redwoodjs.com/t/i-implemented-a-netlify-oauth-not-identity-auth-provider-but-im-not-sure-i-should-have-and-why/903
Requested on: https://github.com/supabase/supabase/discussions/5200
Developer docs: https://developers.kakao.com/product/kakaoLogin
Corresponding PR: #366
Relevant PR: #449
For dip.chat, we use Telegram groups. I'd eventually like to add login with Telegram so users can sign in to the web app and edit their profile, credit card info, etc.
As a user of supabase, I would like to be able to use Telegram as an authentication provider.
I've requested it on NextAuth.js: https://github.com/nextauthjs/next-auth/issues/2406
I've also considered contributing it there ^ or just writing it myself in my app.
I am not sure where I would start, but I would consider implementing this myself with some guidance/pointers.
Other relevant content:
Looked at including this in #245 but as this reply said it's not standard OAuth so the Supabase team might need to look at this one
Hi @J0, are we looking to implement OAuth for Yandex?
Hi, we'd like to implement the Instagram oauth provider. Is the team open to this? Are contributors also expected to help on the frontend? I'd prefer to just focus on the provider side.
Hey @dangdennis,
Sorry for the delayed reply -- was a bank holiday for us over the past two days. Yes we are accepting contributions! And no worries about the frontend we will take care of it.
We'd also greatly appreciate it if you'd be able to add a short guide on how to use the provider: https://github.com/supabase/supabase/pull/5398/files after finishing the PR. This is so that developers can best figure out how to use the provider in their application.
Feel free to let us know if you have any questions or if you run into any issues!
Thanks so much!
@bariqhibat
Yup, we are accepting contributions for Yandex provider. Just saw your PR -- the team will review shortly.
Thanks much!
Transferred: IMDb OAuth request from #528
Roblox recently opened up a private alpha for their new OAuth2 system, and should become public in a few months. I can keep this issue updated with any news, so that once it becomes public it can be implemented into Supabase.
Until then, I will come up with a basic draft and see if I can get it functioning properly locally.
Roblox is what my app is based around, but I am currently using Discord OAuth through Supabase and authenticating them using other means afterwards. Adding this OAuth would make my lif etc.
As a user of supabase, I would like to be able to use Roblox as an authentication provider.
No.
It would be cool if Reddit OAuth could be used in Supabase.
Making my own. 💀
N/A
I want a new Ory Hydra OAuth2 Provider Integration
Waiting for someone/team/community integrate Ory Hydra OAuth2 Provider
The alternative is integrate it, and contribute with PR of the Integration with some info how to setup and a online demo of everything working, and a deployed OryHydra server if supabase members wants to test integration without deploy it
This same feature request will be in repos supabase-js and supabase gotrue repos
Having Nextcloud would be great.
Hi, would be nice to have Zoho as an OAuth provider.
Willing to submit a PR too, please let me know if I can :)
Support Game Center OAuth
https://github.com/supabase-community/supabase-flutter/issues/156 https://developers.google.com/games/services
Hi, would be nice to have LINE as an OAuth provider. Gonna try submitting a PR 💪
It would be great to have sign in with Amazon as I have a client waiting on support before purchasing. Happy to sponsor an effort to get this done.
Very important integrations for any sport-related applications.
Strava Docs: https://developers.strava.com/docs/authentication/
Optionally, another important connection for sport-related apps. I don't know if it supports OAuth2 but seems to support OAuth1 but it looks more complicated to get setup than Strava.
Docs: https://developer.garmin.com/gc-developer-program/program-faq/
Mastodon is growing in popularity and could be very useful to add as an auth provider.
Due to the federated nature of mastodon, I think login can be setup per-server instance.
I'm not exactly sure how to reflect that.
It would be nice if users could authenticate with Huawei Auth. Huawei has many users in Asia-Pacific countries. Thank you.
Documentation: Huawei Auth
A generic OAuth2/OIDC provider similar to what Auth0 offers would cover most (if not all) of the provider requests in this thread in one hit.
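This would enable developers to simply provide, at a minimum:
- Authorisation Server URL (which provides a .well-known/openid-configuration endpoint to discover token URLs etc).
- Client ID
- Client Secret
- Callback URL
- (maybe) a mapping for claims?

I'm surprised this hasn't already been suggested. Is there some complexity that I'm missing?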
Hey @rohanliston, great question! not all social providers comply to the OIDC spec and might not have an authorization server URL. As for the mapping for claims, not all the social providers return the user data the same way (take linkedin vs workos for e.g.). Also, gotrue currently follows an automatic linking model to link 2 identities with the same email to the same user. This means that having an insecure oauth provider added could compromise logins for a user. This is also why we currently enforce the email returned from the oauth provider to be verified.
Support Yahoo oauth.
See feature request https://github.com/supabase/gotrue/issues/1191
@kangmingtay Thanks for your response! To address your points:
> not all social providers comply to the OIDC spec and might not have an authorization server URL.
That's fine, there are still countless providers that are OIDC-compliant. The ones that aren't compliant would require a dedicated provider as they do now. I don't think this is a reason not to implement a generic provider.
> As for the mapping for claims, not all the social providers return the user data the same way (take linkedin vs workos for e.g.).
Yep, we'd definitely need a mapper of some sort. A simple approach would be to have the user define a JSON object to define the mapping. Dot notation could be used to map nested fields.
> Also, gotrue currently follows an automatic linking model to link 2 identities with the same email to the same user. This means that having an insecure oauth provider added could compromise logins for a user. This is also why we currently enforce the email returned from the oauth provider to be verified.
Does gotrue require the user to authenticate to both accounts before linking? Relying on email verification alone isn't totally secure, because the account can still be compromised later on. Email verification only proves that the user had control of the account when it was created.
Auth0 highlights this in their docs and has a secure approach to account linking in their Account Link Extension:
> The extension does not automatically link users with the same email, even if emails are verified, because verified emails are not enough evidence to prove that the user can currently authenticate to both accounts.
> ...
> This process [of authenticating to both accounts at link time] ensures that the user has the credentials to authenticate to both accounts, which allows the accounts to be linked safely and correctly.
Regardless, I think whether or not an external provider is 'secure' should be a concern of the application developer setting up the integration. Gotrue should merely provide the means to support the integration itself in a secure way within its own sphere of control.
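The two points debated above, a dot-notation claim mapping for a generic provider and refusing automatic linking unless the provider asserts a verified email, can be combined as in the sketch below. It is an added example, not part of the thread or gotrue's code; the function names, the mapping format and the claim paths are hypothetical, and the userinfo JSON is constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

func lookupPath(doc map[string]any, path string) (any, bool) {
	var cur any = doc
	for _, key := range strings.Split(path, ".") {
		obj, _ := cur.(map[string]any) // nil map if cur is not a JSON object
		next, found := obj[key]        // reading a nil map yields found == false
		if !found {
			return nil, false
		}
		cur = next
	}
	return cur, true
}

// MapClaims applies a mapping (target field -> dot path); hypothetical helper, not gotrue's API.
func MapClaims(userinfo []byte, mapping map[string]string) (map[string]any, error) {
	var doc map[string]any
	if err := json.Unmarshal(userinfo, &doc); err != nil {
		return nil, err
	}
	out := map[string]any{}
	for field, path := range mapping {
		if v, ok := lookupPath(doc, path); ok {
			out[field] = v
		}
	}
	return out, nil
}

// LinkableEmail fails closed: email_verified must be the JSON boolean true, not absent or "true".
func LinkableEmail(claims map[string]any) (string, error) {
	email, _ := claims["email"].(string)
	if verified, _ := claims["email_verified"].(bool); email == "" || !verified {
		return "", fmt.Errorf("email missing or unverified: no automatic linking")
	}
	return email, nil
}

func main() { // constructed sample mapping and userinfo response
	m := map[string]string{"email": "profile.contact.email", "email_verified": "profile.contact.verified"}
	c, _ := MapClaims([]byte(`{"profile":{"contact":{"email":"a@example.test","verified":"true"}}}`), m)
	fmt.Println(LinkableEmail(c)) // refused: "verified" is a string, not a boolean
}
```

This covers only the verified-email precondition; it does not implement the stricter policy of authenticating to both accounts at link time.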
Currently, Supabase does not support Salesforce as an external OAuth provider.
Support Salesforce as an OAuth provider https://login.salesforce.com/.well-known/openid-configuration
N/A
Well-known config: https://login.salesforce.com/.well-known/openid-configuration Docs: https://help.salesforce.com/s/articleView?id=sf.remoteaccess_oauth_web_server_flow.htm&type=5
NOTE: Salesforce allows users to configure custom subdomains for their environments, but support for this would not be required as the user can go to the standard login page (login.salesforce.com) and log in there, unless explicitly disallowed, in which case they can choose "Use Custom Domain".
In order to test this flow:
Add generic OAuth2/OIDC provider
https://github.com/supabase/gotrue/issues/451#issuecomment-1641660848
I'd like to work on a generic OAuth2 provider. Since the comments of @rohanliston in August, @kangmingtay has updated the CONTRIBUTING.md text to suggest that such a generic provider is officially regarded as a possible way forward.
By default, I would go for a generic OAuth2 client, similar to the one described by the auth0 docs. This is as opposed to a generic OIDC flow, which was previously present in gotrue but was then removed in #927, for reasons which are explained here, and which sound like the Supabase team needs to resolve things internally first. If the generic OAuth2 client is the wrong direction to head in, please let me know.
Edit: See #1372 for the PR.
@J0 any updates on the Telegram provider? It has been more than a year now since its request, and as far as I can see it is one of the most requested providers in this thread.
Add generic OAuth2/OIDC provider
A generic OAuth2/OIDC provider similar to what Auth0 offers would cover most (if not all) of the provider requests in this thread in one hit.
This would enable developers to simply provide, at a minimum:
- Authorisation Server URL (which provides a .well-known/openid-configuration endpoint to discover token URLs etc).
- Client ID
- Client Secret
- Callback URL
- (maybe) a mapping for claims?
I'm surprised this hasn't already been suggested. Is there some complexity that I'm missing?
Is there any progress on this?
I would like Linear as an OAuth Provider
Documentation: https://developers.linear.app/docs/oauth/authentication
Is there any progress on this?
@Mutondi I have started working on it, currently I am looking into how I can extend the database schema in order to store the additional information required for genericity, such as the field mapping.
I could use this extension myself in February 2024. So if you have the time to test the feature with your own provider once I open the PR, that would be great news.
Edit: See #1372 for the PR.
Support Steam as an external OAuth Provider
Currently, Supabase does not support Steam as an external OAuth provider.
Describe the solution you'd like
Support Steam as an external OAuth Provider. https://partner.steamgames.com/doc/features/auth
Describe alternatives you've considered
N/A
Additional context
This article describes how Steam's login method works.
Is there an ETA for Steam as an Auth Provider? Or even a Custom Provider option?
Please consider adding support for ZITADEL. I see there is already KeyCloak support, so I could try to copy that for Zitadel, as in most instances Zitadel drops in as a replacement pretty fine as both are OIDC compliant and common self-hosted open source Identity Providers.
I am not sure if I should hold off on it based on the comment in the CONTRIBUTING.md. Let me know if I should go ahead and work on this.
But I did also find this in the code so maybe I don't need to do this after all?: https://github.com/supabase/gotrue/blob/379b06665052261122482acf2c9d47e81346f1a4/internal/api/provider/oidc.go#L329-L340
Still happy to do the work, just need a little guidance :pray:
@Mutondi, @rohanliston, @kangmingtay, @bdelwood, @James3UK, @sannajammeh, @bluengreen, @jessebot, @chrisjh, @agrantdeakin, @mstade, @WildEgo, @kermado, @JoaquimLey, @naohiro-t, @BayTec, @jamiefolsom, @point-source, @Whats-A-MattR and everyone else who has mentioned or reacted to a generic OAuth provider:
I have implemented a first version of a generic OAuth provider at #1372.
If you have the means, it would help a great deal if you could test it with some real-life identity providers (even ones which are already supported by gotrue would help). I have so far tested it using an application of my own. But the more we can test this new all-purpose OAuth provider the merrier.
add miniOrange as OAuth Provider
Would love to see Yahoo in the list of auth providers. Would make accessing the Yahoo Fantasy API so much better.
Is there any progress on the generic OAuth provider? Is it possible to submit a PR that adds another social login provider?
This issue is for tracking requests/demand for integration with External OAuth Providers. Give a comment a thumbs up if you want the connector built or drop a comment if you wish to work on any of the providers below.
We will prioritise providers based on the number of upvotes/thumbs up so do upvote your favourite providers