Self-Hosted Authentication
Securely sign-in to over 500 platforms.
Connects with:
Built with:
Deploy with:
License:
- Single Sign-On & passwordless login for any app or framework
- Beautiful, minimal UI included out of the box
- UI & API can be easily customized
Clone the project
git clone https://github.com/platform-kit/auth pk-authGo to the project directory
cd pk-authInstall dependencies
npm install && npm run preinstall && npm run prebuildStart the server
npm run devA local instance is now running at https://localhost:3000
Before use, you will need to add the following environment variables to your .env file
# Environment
ENVIRONMENT=development
SESSION_SECRET=xxxxx
# Branding
LOGO=https://www.example.com/logo.png
BYLINE=Auth by PlatformKit
BYLINE_LINK=https://github.com/platform-kit/auth
# Repository for custom UI/Routes
REPO=https://www.github.com/{username}/{repo}
BUILD_COMMAND="npm run build"
UI_DIRECTORY="dist"
ROUTES_DIRECTORY="routes"
DEV_PATH=localhost:4000
# Redirects
ALLOWED_DOMAINS=https://localhost:4000,https://localhost:3000
# E-mail
MAGIC_LINK_SECRET=xxxxx
MAIL_USER=user@example.com
MAIL_SENDER=user@example.com
MAIL_KEY=password
MAIL_HOST=smtp.xxx.xxx
MAIL_PORT=587
# Facebook
FACEBOOK_CLIENT_ID=
FACEBOOK_APP_SECRET=
FACEBOOK_SCOPES=email,pages_show_list,pages_read_engagement,instagram_content_publish,instagram_basic,pages_show_list
# Instagram
FACEBOOK_CLIENT_ID=
FACEBOOK_APP_SECRET=
FACEBOOK_SCOPES=email,pages_show_list,pages_read_engagement,instagram_content_publish,instagram_basic,pages_show_list
# Twitter
TWITTER_APP_ID=
TWITTER_CONSUMER_API_KEY=
TWITTER_CONSUMER_API_SECRET=
# LinkedIn
LINKEDIN_API_KEY=
LINKEDIN_SECRET_KEY=
# Google
GOOGLE_CLIENT_ID=
GOOGLE_CLIENT_SECRET=
# Youtube
YOUTUBE_CLIENT_ID=
YOUTUBE_CLIENT_SECRET=
# Pinterest
PINTEREST_APP_ID=
PINTEREST_APP_SECRET=
PINTEREST_SCOPES=user_accounts:read,pins:read,pins:write,boards:write,boards:read
# GitHub
GITHUB_CLIENT_ID=
GITHUB_CLIENT_SECRET=Embed the app in an iframe within your website/app. The end-user will go through the login flow entirely through the embedded endpoint. If the login is successful, the user will be redirected to a /succcess endpoint where the token and a secret are represented as the t and s URL query parameters.
Example:
https://localhost:3000/success?t=abcdefg&s=1234567
Using the Javascript framework/method of your choice, you can monitor the iframe for the presence of this information, and scrape it/close the iframe accordingly when it appears.
Say you have deployed an instance of platform-kit/auth to https://auth.example.com and you want to use it from a web app at https://app.example.com.
First, make sure you have added the desired domain to the ALLOWED_DOMAINS environment variable, like so.
ALLOWED_DOMAINS=https://app.example.comThen in your app, create a login button that links to https://auth.example.com?redirect=https://www.app.example.com
If the login attempt succeeds, the user will be redirected to the redirect url, with the login data in the URL query parameters:
https://app.example.com?t=abcdefg&s=1234567
If you use a static site generator, you can deploy and serve your app directly on the same server as the auth instance.
Simply provide the REPO, BUILD_COMMAND, and UI_DIRECTORY environment variables. You will then be able to detect and capture the token without the need for redirects to another domain or subdomain.
If you want to limit the options available to the user, simply pass a platforms parameter in the url. For example, if you only wanted to show the user the Facebook button and the Instagram button, you'd add platforms=facebook,instagram - like so:
https://auth.platformkit.com/?platforms=mail,google,github
https://auth.platformkit.com/?platforms=facebook,instagram,twitter,reddit,youtube,pinterest
To deploy to the cloud, simply click one of the buttons below.
