Free Plugin - OAuth login (SSO) with 7 identity providers

Huge Kudos to Ron on the support desk.

So still not entirely sure of all issues (one was Brave browser related, doubtless others were idiot user [me] related) - also had set up using an older video link.

But in relation to the password question I raised earlier, Ron put me on to a much more secure login workflow:

Assign Temp Password to user matching SSO Profile Email (does nothing if no match)
Sign up (if … count is 0) using result of step 1 as password
Log user in using result of step 1 as password

etc…
Much nicer.

tx

1 Like

Thanks so much @andrew.waites :blue_heart:

We are working on adding the documentation for the Temporary password option as well. :+1:

I have the exact same thing.

The screen showed when I set it up initially, but now, nothing.

Any ideas on why the SSO UI doesn’t show anything? @Pathfix

Hey @herman1 you will need to add a logout workflow and add the provider integration to your account for it to show.

But I understand this is now resolved? :slight_smile:

1 Like

Yes, thank you :slight_smile:

1 Like

Hey @pathfix once the user is logged in I cannot navigate to home page (or any event in workflow). It does not go to home page like in your tutorial. Thanks

Hey @daniellemclean you would need to add a step in the workflow to navigate to a different page. Let’s get this going together, ping us on our live chat support (via your Pathfix dashboard) and we can walk you through the setup

i got it working, thanks!

1 Like

Hi @Pathfix

I’m following this guide to setup the conditional logic for if accounts exist. The issue however is that I need to enable the ‘Search for Users’ condition to logged out users. This exposes all the email addresses in my database to logged out users if it’s possible to find them in searches. This looks to be a pretty major security flaw. Can you clarify?

2 Likes

Hi @messly not sure this is a security flaw, could you explain further on a scenario in which the user data in question can be accessed by anonymous user without you providing some access through the user interface or workflow API?

I think the Bubble feature is possibly not a security feature but a pre-query to simplify building your app.

You can also reach out to us via email and live chat support through your Pathfix dashboard

The issue is discussed here:

‘Find in searches’ exposes the user ids publicly. They’re obviously not visible directly on the page but it’s possible to access this data if you know what you’re doing which is a secruity risk. I’ve raised it with Bubble too.

Hi @Pathfix, I see that the plugin is free for up to 500 logins per month, but I can’t find the pricing for beyond that.
Could you please share a link with pricing information?
Thanks!

Hey @sjoys pricing can be found on our website here: Pathfix | Pricing

1 Like

We already use Pathfix for OAuth 2.0 on the backend and now that we’re implementing SSO my assumption was that we would also use them for that.

The problem though is that their SSO solution works doesn’t allow for a traditional login route alongside some 3rd party option - it has to be one or the other which just doesn’t work for us.

Bubble’s own Social Login facility does allow for this so I’m left wondering why people needed an identity oauth alternative in the first place - i.e. What issues am I not understanding with Bubble’s own Social Login specifically for client-side session authentication that has led people to going down the Pathfix route? @NigelG do you have a quick 2 pence on it?

1 Like

@Pathfix
I’ve set up everything right to the documentation https://www.youtube.com/watch?v=MESdU9GKv2U however in my Native App component does not work. In debug mode it’s visible that element exists, but component is not visible.
Also Pathfix account has been created and account for API added.
Do you have any idea what can be the reason and what could be the solution to fix it?
Please see the picture below:

Hey @wojczek.k

It could be a small configuration error, we could take a look at your setup together. Could you ping us on our live chat support or email us at support@pathfix.com?

@Pathfix guys, copy public key button don’t work (Safari). Please fix. That made me struggle for 30 min why nothing is working.

@Pathfix I’ve got an issue. I’ve competed this tutorial [Add Social Login (SSO) to your Bubble.io app - YouTube].

Almost everything works. However, after I logout and redirected back to page with “Sign Up” the SSO UI component doesn’t render at all. If I’ll go from scratch in Incognito mode it works again until I’ll try to Log Out.

Hi @nickkimel the SSO Profile log out doesnt seem to be setup correctly. We could take a look at this together. Could you ping us on our live chat or via email so we can go through this together?

@Pathfix I’ve decided to integrate google auth directly.

1 Like