fof / oauth
Allow users to log in with GitHub, Facebook, Google, Discord, GitLab, LinkedIn, and more!
Maintainers
Fund package maintenance!
Requires
- flarum/core: ^2.0.0
- league/oauth2-facebook: ^2.2.0
- league/oauth2-github: ^3.1.0
- league/oauth2-google: ^4.0.1
- omines/oauth2-gitlab: ^3.3.0
- wohali/oauth2-discord-new: ^1.2.1
Requires (Dev)
- flarum/core: 2.x-dev
- flarum/phpstan: ^2.0.0
- flarum/testing: ^2.0.0
- 2.x-dev
- 2.0.0-beta.2
- 2.0.0-beta.1
- 1.x-dev
- 1.7.3
- 1.7.2
- 1.7.1
- 1.7.0
- 1.6.16
- 1.6.14
- 1.6.13
- 1.6.12
- 1.6.11
- 1.6.10
- 1.6.9
- 1.6.8
- 1.6.7
- 1.6.6
- 1.6.5
- 1.6.4
- 1.6.3
- 1.6.2
- 1.6.1
- 1.5.4
- 1.5.3
- 1.5.2
- 1.5.1
- 1.5.0
- 1.4.4
- 1.4.3
- 1.4.2
- 1.4.1
- 1.4.0
- 1.3.2
- 1.3.1
- 1.3.0
- 1.2.5
- 1.2.4
- 1.2.3
- 1.2.2
- 1.2.1
- 1.2.0
- 1.1.1
- 1.1.0
- 1.0.2
- 1.0.1
- 1.0.0
- 0.3.0
- 0.2.1
- 0.2.0
- 0.1.0
- dev-im/oauth-overhaul
- dev-dependabot/npm_and_yarn/js/webpack-5.104.1
- dev-dependabot/npm_and_yarn/js/isaacs/brace-expansion-5.0.1
- dev-dependabot/npm_and_yarn/js/lodash-4.17.23
- dev-ds/do-not-override-loginmodal-body
- dev-provide-linkedin-oauth-and-fix-google-button
This package is auto-updated.
Last update: 2026-03-16 08:10:17 UTC
README
A Flarum extension. Allow users to log in and register using OAuth 2.0 providers. Supports account linking, automatic email-match linking, and a security-settings page where users can manage their connected providers.
Bundled providers
By default these providers are included:
- Discord
- GitHub
- GitLab
Features
- Login & registration via any enabled OAuth 2.0 provider
- Account linking — authenticated users can connect a provider from their security settings page
- Email-match auto-link — if a provider returns an email address that matches an existing account, the provider is linked automatically and the user is logged in
- Account linked confirmation — a modal is shown the first time a provider is linked, confirming the connection
- PKCE support — providers that support Proof Key for Code Exchange can opt in per-provider
- Group assignment — automatically assign users to a forum group when they register via a specific provider
- Admin moderation — view and manage users' linked provider accounts from the admin panel
Permissions
This extension provides the ability to view the status of linked OAuth providers (intended for admin and/or moderator use). In order for this to function correctly, you must also set the permission Moderate Access Tokens to at least the same group as you require for Moderate user's linked accounts.
Group Assignment
You can configure each OAuth provider to automatically assign users to a specific group when they register. This is useful for tracking which provider users signed up with or for granting specific permissions based on the authentication method.
To configure group assignment:
- Go to the extension settings
- Enable the desired OAuth provider
- Click the settings icon for that provider
- Select a group from the "Assign Group" dropdown
- Save your changes
Users who register through that provider will automatically be assigned to the selected group.
Additional providers
Additional OAuth providers are available for this extension. Here's a handy list of known extensions:
If you know of others, please open a PR to add them to this list.
Screenshots
Default provider settings example
Login/signup example with Github, Twitter, Twitch and Google enabled.
Installation
composer require fof/oauth
Updating
composer update fof/oauth php flarum cache:clear
Configuration
Translation
You can replace the text for the forum sign in buttons in two ways:
- Use
fof-oauth.forum.providers.<name>to replace the name of the provider on the forum side - Use
fof-oauth.forum.log_in.with_<name>_buttonto replace the entire button "Log In with <name>" text
Extending
It is possible to add additional providers using an extender. See UPGRADE.md for a full guide, including a complete example provider class and notes on breaking changes between versions.
In short:
- In your new extension, require
fof/oauthas a dependency - Define a new
Providerclass which extendsFoF\OAuth\Provider - From your new extension's
extend.php, register the provider:(new FoF\OAuth\Extend\RegisterProvider(MyNewProvider::class)) - Provide the required translations under the
fof-oauthnamespace (see UPGRADE.md for required keys)
Upgrading an existing provider extension to Flarum 2.x? See UPGRADE.md for the full list of breaking changes.
Links
An extension by FriendsOfFlarum.