Login Strategies

The Authentication module supports multiple user authentication strategies.
It supports local credential-based logins, while also providing integration for a plethora of third party providers through 0Auth2.
Two-Factor cellular authentication is supported across any strategy. Magic links are also supported for passwordless authentication.

Local Authentication is enabled out of the box.

Local Authentication

Makes use of an email address based identifier for user accounts.
Supports optional user verification.
Delivery of verification emails for user self-verification depends on the Email module.

There are two ways to access your resources:

• Email and password only - The user is authenticated using email and password.
• Two-Factor Authentication (recommended) - The user is prompted to enter a one-time password (OTP) sent to their mobile phone via SMS or scan a qr code.

Initial configuration does not enable automatic delivery of verification emails so that the module's default strategy can be utilized without a dependency on email service.

Check out our simple tutorial on how to make use of Local Authentication to create users and generate authentication tokens.

---

Third Party Providers

The Authentication module supports integration with a number of third party providers through OAuth2.
The following providers are supported out of the box:

• Apple
• Bitbucket
• Facebook
• Figma
• GitHub
• GitLab
• Google
• LinkedIn
• Microsoft
• Reddit
• Slack
• Twitch
• Twitter

---