Learn how to enable OAuth2 SSO
➕OAuth2 SSO feature is only available to customers on Tribe's [Premium/Enterprise] pricing plan.
Learn more about Tribe's pricing policy here.
OAuth 2.0, which stands for “Open Authorization”, is a technical standard used to authorize user access. It allows users to access the community using their existing credentials on a main website or application. Tribe supports the most common implementations of OAuth2, including OpenID Connect. Tribe fully supports Auth0 and OAuth2 for both authentication and authorization.
To use the OAuth2 SSO method, your website or product should act as an OAuth2 identity provider. When the OAuth2 SSO app is enabled, Tribe redirects the user to the unique user identity system. If the user is not logged into the website, they will see the login screen. After logging in, Tribe receives the access token generated by the user identity system and fetches the user's information.
If a user doesn't exist in the system: Tribe creates the user using the provided information and logs them in.
If a user exists in the system: Tribe updates the user's information and logs them in.
Understand how Tribe identifies a user exists?
Tribe first checks if any user in the database has the same external Id as the one provided. If the user is found, it updates their information including their email address.
If there is no existing user with the same ExternalID as the one in the system, it tries to find the user using the email address provided and connects the user's externalId to the provided id.
❗Important note: If there is an existing user with the same e-mail address as the one being authenticated but has a different externalId, it will result in a conflict.
In order to resolve the conflict, please follow these steps- How to resolve a login conflict?
Required information for setting up OAuth2 SSO in Tribe Community.
Tribe supports the following OAuth2 methods:
Click on each option above to get access to the step-by-step tutorial and find the necessary credential for setting up the SSO in your community.
Login & register with email:
To direct users to the SSO provider page when they enter the community as opposed to displaying the email login/registration options, disable "Login & register with Email". To disable this option, click on Administration > Authentication > turn off the toggle for Login & register with the email:
Once disabled, the users will be taken to the OAuth2 SSO Login page directly once they click on Login or Sign up in your community.
For more detailed information, please visit: