Seacat Auth supports login via third party authentication providers. This allows users to use their Google or Github account to log into Seacat Auth.
Seacat Auth currently supports these login providers:
- External login
Once configured, external login options are available on the login screen as an alternative to the standard Seacat Auth login.
Any user can enable or disable their external login options on their My account screen.
Setting up external login providers
Setting up external login requires registering and configuring your Seacat Auth site at the respective provider and configuring the Seacat Auth service itself.
Register your Seacat Auth application
Once you select which login provider you want to set up, proceed to their website to register your Seacat Auth application. You will receive Client ID and Client secret which you will use in Seacat Auth configuration.
Provide redirect URIs
Most OAuth2 providers will require you to specify a list of exact authorized redirect URIs. If that is the case, you need to provide two URIs in the following format:
For example, if your public Seacat Auth API is running at
and you want to configure login with
Other providers (e.g. Github) do not require a list of exact URIs but rather a single path that all of your redirect URIs will start with. In such cases just provide the base URL of your Seacat Auth public API, for example
Configure Seacat Auth
Finally, you can add a section defining your external login provider in the Seacat Auth config file. You will need at least the Client ID and the Client secret that you received at your login provider.
The config section name is always in the format
See below for config examples of the individual login providers.
Seacat Auth currently supports the following external login providers:
- Office 365
- Moje ID
Register your Seacat Auth app in Google API Credentials.
[seacatauth:google] client_id=a2c4e6... client_secret=1b3d5f...
Register your Seacat Auth app in Azure Active Directory.
In addition to client ID and client secret, Office 365 login also requires you to fill in your tenant ID.
[seacatauth:office365] tenant_id=def123... client_id=a2c4e6... client_secret=1b3d5f...
Register your Seacat Auth app in your Github developer settings.
[seacatauth:github] client_id=a2c4e6... client_secret=1b3d5f...
[seacatauth:mojeid] client_id=a2c4e6... client_secret=1b3d5f...