Skip to main content

Authentication Integrations

Secure your Astrio applications with Google OAuth and GitHub authentication. Simple, reliable, and trusted authentication methods that your users already know and trust.

Supported Providers

Google OAuth

Most popular social login with extensive user base

GitHub OAuth

Perfect for developer-focused applications

Google OAuth

Why Google OAuth?

Google OAuth is the most popular social login provider, offering:
  • Wide User Base - Billions of users worldwide
  • Trusted Brand - Users trust Google with their data
  • Rich Profile Data - Access to email, name, profile picture
  • Easy Setup - Simple configuration process

Setup Process

1

Create OAuth App

Go to Google Cloud Console and create OAuth 2.0 credentials
2

Configure Scopes

Set required scopes: email, profile, openid
3

Add to Astrio

Enter your Client ID and Client Secret in Astrio dashboard
4

Test Login

Verify the authentication flow works correctly

Google Cloud Console Setup

  1. Navigate to Google Cloud Console
  2. Enable Google+ API
    • Go to “APIs & Services” → “Library”
    • Search for “Google+ API” and enable it
  3. Create OAuth Credentials
    • Go to “APIs & Services” → “Credentials”
    • Click “Create Credentials” → “OAuth 2.0 Client IDs”
    • Choose “Web application” as application type
  4. Configure OAuth Consent Screen
    • Set app name, user support email, and developer contact
    • Add authorized domains
    • Configure scopes (email, profile, openid)

Configuration

Required Credentials: 
// Google OAuth configuration
const googleConfig = {
  clientId: 'your-google-client-id.apps.googleusercontent.com',
  clientSecret: 'your-google-client-secret',
  redirectUri: 'https://your-app.astrio.app/auth/google/callback',
  scopes: ['email', 'profile', 'openid']
}
Environment Variables: 
GOOGLE_CLIENT_ID=your-google-client-id.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=your-google-client-secret
GOOGLE_REDIRECT_URI=https://your-app.astrio.app/auth/google/callback

User Data Available

When users authenticate with Google, you get access to: Profile Information:
  • Email Address - Primary email from Google account
  • Full Name - User’s first and last name
  • Profile Picture - User’s Google profile photo
  • Locale - User’s language and region preferences
Account Details:
  • Google Account ID - Unique identifier for the user
  • Email Verification - Whether email is verified
  • Account Type - Personal or Google Workspace account

GitHub OAuth

Why GitHub OAuth?

GitHub OAuth is ideal for:
  • Developer Tools - Perfect for developer-focused applications
  • Open Source Projects - Connect with the open source community
  • Technical Users - Developers already have GitHub accounts
  • Repository Access - Access to user’s public repositories

Setup Process

1

Create OAuth App

Go to GitHub Developer Settings and create a new OAuth App
2

Configure Permissions

Set required scopes: user:email, read:user
3

Add to Astrio

Enter your Client ID and Client Secret in Astrio dashboard
4

Test Integration

Verify the authentication flow works correctly

GitHub Developer Settings

  1. Navigate to GitHub Settings
    • Go to GitHub.com → Settings → Developer settings
    • Click “OAuth Apps” → “New OAuth App”
  2. Configure OAuth App
    • Application name: Your app name
    • Homepage URL: Your app’s homepage
    • Authorization callback URL: https://your-app.astrio.app/auth/github/callback
  3. Set Permissions
    • User permissions: Email addresses (read-only)
    • User permissions: Profile (read-only)

Configuration

Required Credentials: 
// GitHub OAuth configuration
{
  clientId: "your-github-client-id",
  clientSecret: "your-github-client-secret",
  redirectUri: "https://your-app.astrio.app/auth/github/callback",
  scopes: ["user:email", "read:user"]
}
Environment Variables: 
GITHUB_CLIENT_ID=your-github-client-id
GITHUB_CLIENT_SECRET=your-github-client-secret
GITHUB_REDIRECT_URI=https://your-app.astrio.app/auth/github/callback

Available Scopes

Basic Scopes:
  • user:email - Access to user’s email addresses
  • read:user - Read access to user profile
Advanced Scopes (use carefully):
  • repo - Full repository access (public and private)
  • workflow - GitHub Actions workflow access
  • admin:org - Organization administration access

User Data Available

When users authenticate with GitHub, you get access to: Profile Information:
  • Username - GitHub username
  • Full Name - User’s real name
  • Email Addresses - All email addresses associated with account
  • Profile Picture - User’s GitHub avatar
  • Bio - User’s GitHub bio
Account Details:
  • GitHub ID - Unique numeric identifier
  • Account Type - User or Organization
  • Public Repositories - List of public repositories
  • Followers/Following - Social connections

Authentication Flow

OAuth 2.0 Flow

The authentication process follows the standard OAuth 2.0 authorization code flow:
1

User Clicks Login

User clicks “Sign in with Google” or “Sign in with GitHub”
2

Redirect to Provider

User is redirected to Google/GitHub authorization page
3

User Authorizes

User grants permission to your application
4

Authorization Code

Provider redirects back with authorization code
5

Exchange for Token

Astrio exchanges code for access token
6

Get User Data

Fetch user profile using access token
7

Create Session

Create user session and redirect to app

Security Features

Secure Tokens

JWT tokens with automatic refresh

State Validation

Prevent CSRF attacks with state parameter

HTTPS Only

All authentication over secure connections

Token Storage

Secure server-side token storage

User Management

User Profiles

Comprehensive user profile management: Profile Features:
  • Automatic Profile Creation - Profiles created on first login
  • Profile Updates - Sync profile data on each login
  • Custom Fields - Add custom user attributes
  • Profile Pictures - Automatic avatar from provider

Session Management

Secure session handling and management: Session Features:
  • JWT Tokens - Secure JSON Web Tokens for authentication
  • Refresh Tokens - Automatic token refresh for long sessions
  • Session Timeout - Configurable session expiration
  • Multi-Device Support - Login from multiple devices

Integration Examples

React Component Example

import { useAuth } from '@astrio/auth';

function LoginButtons() {
  const { login, logout, user } = useAuth();

  if (user) {
    return (
      <div>
        <p>Welcome, {user.name}!</p>
        <img src={user.avatar} alt="Profile" />
        <button onClick={logout}>Logout</button>
      </div>
    );
  }

  return (
    <div>
      <button onClick={() => login('google')}>
        Sign in with Google
      </button>
      <button onClick={() => login('github')}>
        Sign in with GitHub
      </button>
    </div>
  );
}

API Authentication

// Protected API route
export default async function handler(req, res) {
  // Verify authentication token
  const user = await verifyToken(req.headers.authorization);
  
  if (!user) {
    return res.status(401).json({ error: 'Unauthorized' });
  }

  // Handle authenticated request
  const data = await getProtectedData(user.id);
  res.json(data);
}

User Data Access

// Access user data in your application
const user = await getCurrentUser();

console.log('User ID:', user.id);
console.log('Email:', user.email);
console.log('Name:', user.name);
console.log('Avatar:', user.avatar);
console.log('Provider:', user.provider); // 'google' or 'github'

Getting Started

Quick Setup

Get authentication working in minutes:
1

Choose Provider

Select Google OAuth or GitHub OAuth
2

Create OAuth App

Set up OAuth application with your chosen provider
3

Configure in Astrio

Add authentication integration with your credentials
4

Test Login

Verify login and logout functionality

Best Practices

Start with Google

Google OAuth has the broadest user compatibility

Add GitHub Later

Add GitHub for developer-focused features

Handle Errors

Implement proper error handling for auth failures

User Feedback

Provide clear feedback during authentication process

Migration Guide

Migrating from existing authentication system?
Our authentication experts can help you migrate from any authentication system to Astrio. Contact support@astrio.app for migration assistance.
Start with Google OAuth for the easiest setup and broadest user compatibility. Add GitHub OAuth later for developer-focused features.
Always implement proper error handling and user feedback for authentication failures. Never store sensitive authentication data in client-side code.