# Authentication {% hint style="info" %} Supported methods: * [Social login (Google, Facebook, 60+ others)](#social-logins) * [Magic links (passwordless) sign in](#magic-links-passwordless-sign-in) For both of these methods, users don't need to manually create an account; it is automatically done for them when they use social login or magic link for the first time. {% endhint %} {% hint style="warning" %} NextAuth intentionally does not allow account auto-linking by default. That means when you sign up first for example with Google and then later on with Facebook (and both accounts use the same email), you get error: "To confirm your identity, sign in with the same account you used originally". To allow for auto-linking you need to specifically set **allowDangerousEmailAccountLinking** for each specific provider {% endhint %} ## **Social Logins** Social logins allow users to sign in using their existing accounts from platforms like Google, Facebook, GitHub, and many more. To enable social login, make sure specific provider is added to `next-auth.ts` file, configured with client ID and secret, and callback function `profile` mapped to the user model in your database: ```typescript providers: [ GoogleProvider({ clientId: process.env.GOOGLE_ID, clientSecret: process.env.GOOGLE_SECRET, // allowDangerousEmailAccountLinking // optional for each provider async profile(profile): Promise { // mapped to exact same model as in DB and elsewhere in the app }, }), FacebookProvider({ clientId: process.env.FACEBOOK_APP_ID, clientSecret: process.env.FACEBOOK_SECRET, async profile(profile): Promise { // mapped to exact same model as in DB and elsewhere in the app } }), ] ``` `.env` file ```properties #- Google OAuth GOOGLE_ID= GOOGLE_SECRET= #- Facebook OAuth FACEBOOK_APP_ID= FACEBOOK_SECRET= ``` ### Google 🟨 1. If you are using Firestore you can add Google authentication through there.
2. If you are not, you need to create it through Google console: 3. Set in `.env` variables:\ `GOOGLE_ID=`\ `GOOGLE_SECRET=` 4. **Remember to whitelist/allow localhost!** Otherwise you won't be able to test it locally. ### Facebook 🟦 1. Create app through developer portal: [https://developers.facebook.com](https://developers.facebook.com/)
2. Set `.env` variables:\ `FACEBOOK_APP_ID=`\ `FACEBOOK_SECRET=` ## Magic links - passwordless sign-in Magic link authentication allows users to sign in using a one-time secure link sent to their email, without requiring a password. Magic links require: * [Database](/docs/setup/database.md) to be configured * Email provider `.env` variables are correctly setup and registered within NextAuth Setup: 1. Get the following from your email provider and set these `.env` variables:\ `EMAIL_SERVER_USER=`\ `EMAIL_SERVER_PASSWORD=`\ `EMAIL_SERVER_HOST=`\ `EMAIL_SERVER_PORT=`\ `EMAIL_FROM=` (email account you want to get replies on)\ \&#xNAN;*Note: Magic links require database to be setup.* --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://accelerator.gitbook.io/docs/setup/authentication.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.