OAuth2 SSO

Learn how OAuth2 SSO works and how to enable it in the community.

OAuth2 SSO feature is available to customers on Tribe's Premium and upper plans. Learn more about Tribe's pricing and plans here.

OAuth 2.0, which stands for “Open Authorization”, is a technical standard used to authorize user access. It allows users to access the community using their existing credentials on a main website or application. Tribe supports the most common implementations of OAuth2, including OpenID Connect. Tribe fully supports different OAuth2 options for both authentication and authorization.

OAuth2 Flow

To use the OAuth2 SSO method, your website or product should act as an OAuth2 identity provider. When the OAuth2 SSO app is enabled, Tribe redirects the user to the unique user identity system. If the user is not logged into the website, they will see the login screen. After logging in, Tribe receives the access token generated by the user identity system and fetches the user's information.

  • If a user doesn't exist in the system: Tribe creates the user using the provided information and logs them in.

  • If a user exists in the system: Tribe updates the user's information and logs them in.

Understand how Tribe identifies User's Existence

Tribe first checks if any user in the database has the same external ID as the one provided. If the user is found, it updates the user information, including their email address.

If there is no existing user with the same External ID as the one in the system, it tries to find the user via the email address provided and connects the user's external ID to the provided ID.

❗Important note: If there is an existing user with the same e-mail address as the one being authenticated but has a different external ID, it will result in a conflict.

In order to resolve the conflict, please follow these steps- How to resolve a login conflict?

Required credentials for setting up OAuth2 SSO in Tribe Community.

Tribe supports the following OAuth2 methods:

Click on each option above to get access to the step-by-step tutorial and find the necessary credential for setting up the SSO in your community.

Disable Login & Register with Email and Password:

If a member should be directed to the SSO provider page directly when they open the community, you need to disable Login & register with email. To disable this option, click on your profile picture on the top-right > Administration > Settings > Authentication > turn off the toggle for Login & register with email:

Once disabled, the user will not see the default option of signing up or logging in using Email and Password.

What's Next?

For more detailed information, please visit:

Still have questions? Check out the Community's SSO-related Q&A or ask a new question in the Support Space.