--- title: Authentication with OAuth or OpenID providers --- import ImageSpotlight from '~/components/plugins/ImageSpotlight'; import { ASSETS, Grid, GridItem, Box } from '~/ui/components/Authentication'; import { Tab, Tabs } from '~/ui/components/Tabs'; Expo can be used to login to many popular providers on Android, iOS, and web. Most of these guides utilize the pure JS [`AuthSession` API](/versions/latest/sdk/auth-session), refer to those docs for more information on the API. Here are some **important rules** that apply to all authentication providers: - Use `WebBrowser.maybeCompleteAuthSession()` to dismiss the web popup. If you forget to add this then the popup window will not close. - Create redirects with `AuthSession.makeRedirectUri()` this does a lot of the heavy lifting involved with universal platform support. Behind the scenes it uses `expo-linking`. - Build requests using `AuthSession.useAuthRequest()`, the hook allows for async setup which means mobile browsers won't block the authentication. - Be sure to disable the prompt until `request` is defined. - You can only invoke `promptAsync` in a user-interaction on web. ## Guides **AuthSession** can be used for any OAuth or OpenID Connect provider, we've assembled guides for using the most requested services! If you'd like to see more, you can [open a PR](https://github.com/expo/expo/edit/main/docs/pages/guides/authentication.mdx) or [vote on canny](https://expo.canny.io/feature-requests). | Website | Provider | PKCE | Auto Discovery | | ------------------------ | -------- | -------- | -------------- | | [More Info][c-identity4] | OpenID | Required | Available | [c-identity4]: https://demo.identityserver.io/ - If `offline_access` isn't included then no refresh token will be returned. {/* prettier-ignore */} ```tsx IdentityServer 4 Example import * as React from 'react'; import { Button, Text, View } from 'react-native'; import * as AuthSession from 'expo-auth-session'; import * as WebBrowser from 'expo-web-browser'; /* @info Web only: This method should be invoked on the page that the auth popup gets redirected to on web, it'll ensure that authentication is completed properly. On native this does nothing. */ WebBrowser.maybeCompleteAuthSession(); /* @end */ /* @info Using the Expo proxy will redirect the user through auth.expo.io enabling you to use web links when configuring your project with an OAuth provider. This is not available on web. */ const useProxy = true; /* @end */ const redirectUri = AuthSession.makeRedirectUri({ useProxy, }); export default function App() { /* @info If the provider supports auto discovery then you can pass an issuer to the `useAutoDiscovery` hook to fetch the discovery document. */ const discovery = AuthSession.useAutoDiscovery('https://demo.identityserver.io'); /* @end */ // Create and load an auth request const [request, result, promptAsync] = AuthSession.useAuthRequest( { clientId: 'native.code', /* @info After a user finishes authenticating, the server will redirect them to this URI. Learn more about linking here. */ redirectUri, /* @end */ scopes: ['openid', 'profile', 'email', 'offline_access'], }, discovery ); return (