# 4. OAuth Provider Setup

Roost supports various authentication mechanisms as mentioned below

1. Github
2. Google
3. Microsoft
4. Linkedin
5. Okta

## OKTA Auth Client Setup<button aria-label="Copy link to heading" class="css-779anb"><svg height="24" role="presentation" viewbox="0 0 24 24" width="24"></svg></button>

- Sign in to your OKTA account with admin privileges (*If you do not have an existing Okta account, then sign-up at* [Home | Okta Developer](http://developer.okta.com/ "http://developer.okta.com/") )
- From the left navigation menu, go to Applications -&gt; Applications.
- Select Create App Integration → OIDC - OpenID Connect → Web Application, then click Next
- Fill in the suitable **App integration name,** upload the logo.
- Add **Sign-in redirect URIs**
    - https://&lt;DNS\_NAME&gt;/login
- Allow Access to users thru Assignments → Controlled Access 
    - Select the groups of users or Allow access to everyone
- Save and Make a note of the Okta Client ID and the Client Secret (It is needed later in the config below)
- From the left navigation menu, go to Security -&gt; API
- Make a note of **Issuer URI** for default Authorisation Server 
    - something like https://{your\_domain}.okta.com/oauth2/default

## Google Auth Client Setup<button aria-label="Copy link to heading" class="css-779anb"><svg height="24" role="presentation" viewbox="0 0 24 24" width="24"></svg></button>

- [Integrating Google Sign-In into your web app | Google Sign-In for Websites | Google Developers](https://developers.google.com/identity/sign-in/web/sign-in "https://developers.google.com/identity/sign-in/web/sign-in")
- Login to [https://console.cloud.google.com/apis/credentials](https://console.cloud.google.com/apis/credentials "https://console.cloud.google.com/apis/credentials")
- Create Credentials, Select OAuth Client and Application Type as Web Application
- Add Authorised JavaScript Origin as
    
    
    - [https://roostapi.roost.io:60001](https://roostapi.roost.io:60001/ "https://roostapi.roost.io:60001/")
    - https://&lt;DNS\_NAME
    - [http://localhost:3000](http://localhost:3000/ "http://localhost:3000/")
    - [http://localhost:](http://localhost:3000/ "http://localhost:3000/")4200
- Add Authorised redirect URIs
    
    
    - https://&lt;DNS\_NAME&gt;/login
    - https://&lt;DNS\_NAME&gt;/api/auth/redirect/google
    - [https://roostapi.roost.io:60001/auth/redirect/google](https://roostapi.roost.io:60001/auth/redirect/google "https://roostapi.roost.io:60001/auth/redirect/google")
- Download the JSON
- Make a note of the Google Client ID and the Client Secret (It is needed later in the config below)