Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
So the application I'm working on currently supports Facebook/Google login via Laravel Socialite and it feels really clean.
I love that with a tiny bit of boilerplate code to setup configuration, I can write this code on the way out:
Socialite::driver('facebook')->redirect();
.. and this code on the way back in:
$user = Socialite::driver('facebook')->stateless()->user();
And the rest is just simple logic within my own domain to link the user to one or many provider tokens.
If a client comes along and demands that users must be able to login with their Amazon Cognito account or Azure AD or Cloud Identity or maybe they want to use their own database of users for authentication -- could I simply extend Socialite by creating a custom driver for each of those services?
What I'm really asking is, without getting my hands dirty, how flexible/easy to extend is Socialite - does it only work if the IdP supports OAuth2 -- what about SAML or a custom API for authentication? My head is hurting from reading up on all of this stuff as it's brand new to me.
You can use Socialite for all OAuth compliant services. For services that are not supported out of the box, no existing drivers, you can check https://socialiteproviders.com. If you can not find it there then you can search GitHub/Packagist or create one following the guidelines.
Thanks for the reply! What about services that aren't OAuth compliant, would those be considered out of scope for a Socialite driver? I'm wondering how Laravel devs implement SAML or non OAuth-y SSO solutions. I presume it's something totally custom outside of Socialite but just wondering if any has tried it before
Maybe I wasn't clear when I've wrote You can use Socialite for all OAuth compliant services. so let me try again:
function whatShouldBeUsedForAuth(Service $service): AuthSolution
{
if (!$service->isOAuthCompliant()) {
return AuthSolution::customImplementation();
}
return AuthSolution::socialite();
}
@joeyrush Socialite is for only working with OAuth providers, yes.
If you need to support an alternative authentication protocol (such as SAML or whatever Cognito uses) then yeah, that’ll involve having to write custom code outside of Socialite I’m afraid.
Thanks. This removes one layer of uncertainty
No problem. Best of luck with the project!
Hey @joeyrush, I found this thread, because I try to use Cognito with Socialite as well. It seems that Cognito supports OAuth2. And I found a Socialite Provider for Cognito on Github. You can find it here: https://github.com/kirschbaum-development/laravel-socialite-cognito I did not test it out yet. But reading the docs made a promising impression.
Regarding SAML: There is a SAML Provider on https://socialiteproviders.com/Saml2/ Maybe that helps you out.
But I have no clue if and how a totally auth custom solution could. But I guess so. Socialite seems pretty extendable via the Providers extension.
Thank you for the info! I've since had a bit more hands on experience with writing custom socialite extensions and I echo your last statement that Socialite is extendable enough, at least for the scenarios I outlined in my OP
Were you able to figure this out? If yes, could you please provide the steps that you took. I'm Trying to do the same thing. Basically only allowing users to authenticate using a 3rd party web server (that is not in the Socialite providers list). Any help would be greatly appreciated. It seems as Laravel should really give custom providers as an option
@muhammadjtareen@gmail.com Laravel does give custom providers an option.
Socialite is based around a manager. Just like any other manager class, you can extend it with your own provider:
Socialite::extend('name_of_your_driver', function () {
// Return instance of your provider here...
});
You can then use your provider just like an you the other default ones:
return Socialite::driver('name_of_your_driver')->redirect();
@martinbean When you say extend the class, do you mean that I would have to follow the same steps as outlined as this medium article: https://medium.com/laravel-news/adding-auth-providers-to-laravel-socialite-ca0335929e42. Although this article is from 2015, I thought Socialite would have had an easier way to come up with custom providers.
@muhammadjtareen@gmail.com No, that’s exactly what I was suggesting.
There is no “easy” way to make a custom provider. You need to create a class and implement methods to tell Socialite how to authorise against an external server.
Take a look at some of the existing providers for hints on implementation: https://github.com/laravel/socialite/tree/4a77a7b3c496224662aa77744bc73f5fe3aa1e95/src/Two
@martinbean Super helpful. Thank you, I believe I now know how to do this!
Please or to participate in this conversation.