はじめに
プロバイダー設定ガイド
Authonで各OAuthプロバイダーを設定するためのステップバイステップの手順です。すべてのプロバイダーで Client ID と Client Secretを取得し、Authonダッシュボードのプロバイダーページに貼り付けてください。
リダイレクト / コールバックURLパターン:
https://api.authon.dev/v1/auth/oauth/{provider}/callback
Google OAuth 2.0 is configured via Google Cloud Console.
1
Go to console.cloud.google.com and select or create a project.
2
In the left menu, navigate to APIs & Services → OAuth consent screen. Choose External and fill in the required fields (App name, support email, developer contact).
3
Navigate to APIs & Services → Credentials → Create Credentials → OAuth 2.0 Client ID. Select Web application.
4
Under Authorized redirect URIs, add the Authon callback URL:
https://api.authon.dev/v1/auth/oauth/google/callback
5
Click Create. Copy the Client ID and Client Secret from the popup dialog.
フィールドマッピング:
Client ID←OAuth 2.0 Client ID
Client Secret←OAuth 2.0 Client Secret
要求スコープ:
openidemailprofile
GitHub
Configure at github.com/settings/developers.
1
Go to Settings → Developer settings → OAuth Apps → New OAuth App.
2
Fill in Application name and Homepage URL (e.g.
https://yourapp.com).3
Set Authorization callback URL to:
https://api.authon.dev/v1/auth/oauth/github/callback
4
Click Register application. Then click Generate a new client secret and copy both values.
フィールドマッピング:
Client ID←Client ID
Client Secret←Client Secret
要求スコープ:
read:useruser:email
Apple
Apple Sign In requires a Services ID and a private key for generating a client secret JWT. Configure at developer.apple.com.
1
In the Apple Developer Portal, go to Certificates, Identifiers & Profiles → Identifiers. Create or select your App ID and enable Sign In with Apple.
2
Create a new identifier of type Services IDs. Give it a description and a unique Bundle ID (e.g.
com.yourapp.web). Enable Sign In with Apple.3
Click Configure next to Sign In with Apple. Add your domain and set the Return URL to:
https://api.authon.dev/v1/auth/oauth/apple/callback
4
Go to Keys → Register a New Key. Enable Sign In with Apple, click Configure, and select your App ID. Download the
.p8 private key file and note the Key ID.5
Apple requires you to generate a short-lived (6-month max) JWT as the Client Secret. Use the script below. The resulting JWT is your Client Secret.
Or use this tool to generate the JWT directly in your browser — nothing is sent to any server:
Apple Client Secret Generatorruns in your browser — nothing is sent to any server
注意: Apple client secrets expire after a maximum of 6 months. You will need to regenerate and update the secret in your Authon dashboard before it expires.
フィールドマッピング:
Client ID←Services ID Bundle ID (e.g. com.yourapp.web)
Client Secret←Generated JWT string (from the script above)
Configure via Meta Developers.
1
Go to developers.facebook.com → My Apps → Create App. Choose Consumer or Business as the app type.
2
After creating the app, find Facebook Login in the product list and click Set Up.
3
Go to Facebook Login → Settings. Under Valid OAuth Redirect URIs, add:
https://api.authon.dev/v1/auth/oauth/facebook/callback
4
Go to App Settings → Basic. Copy the App ID and App Secret.
5
To allow users other than yourself to sign in, switch the app from Development to Live mode using the toggle at the top.
フィールドマッピング:
Client ID←App ID
Client Secret←App Secret
要求スコープ:
public_profileemail
Instagram OAuth uses the Instagram Basic Display API (or the newer Instagram Graph API), which is also managed through Meta Developers.
1
Go to developers.facebook.com → My Apps → Create App. Select Consumer.
2
In the app dashboard, find Instagram Basic Display and click Set Up. Then go to Instagram Basic Display → Basic Display.
3
Under Valid OAuth Redirect URIs, add:
https://api.authon.dev/v1/auth/oauth/instagram/callback
4
Add a test user under Roles → Instagram Test Users to test during development.
5
From Instagram Basic Display → Basic Display, copy the Instagram App ID and Instagram App Secret.
フィールドマッピング:
Client ID←Instagram App ID
Client Secret←Instagram App Secret
要求スコープ:
user_profileuser_media
Microsoft
Configure via Azure Portal.
1
Go to portal.azure.com → Azure Active Directory (or Microsoft Entra ID) → App registrations → New registration.
2
Enter a name, select Accounts in any organizational directory and personal Microsoft accounts for the broadest compatibility.
3
Under Redirect URI, choose Web and enter:
https://api.authon.dev/v1/auth/oauth/microsoft/callback
4
Click Register. Copy the Application (client) ID from the overview page.
5
Go to Certificates & secrets → Client secrets → New client secret. Copy the Value immediately (it is only shown once).
フィールドマッピング:
Client ID←Application (client) ID
Client Secret←Client secret Value
要求スコープ:
openidemailprofileUser.Read
Discord
Configure via discord.com/developers.
1
Go to the Developer Portal → New Application. Give it a name and confirm.
2
In the left sidebar, go to OAuth2. Under Redirects, click Add Redirect and enter:
https://api.authon.dev/v1/auth/oauth/discord/callback
3
Stay on the OAuth2 page. Copy the Client ID. Click Reset Secret and copy the new Client Secret.
フィールドマッピング:
Client ID←Client ID
Client Secret←Client Secret
要求スコープ:
identifyemail
X (Twitter)
Authon uses OAuth 2.0 with PKCE. Configure via developer.twitter.com.
1
Go to the Developer Portal → Projects & Apps → select or create a project → Add App.
2
Under App Settings → Authentication settings, enable OAuth 2.0. Set App type to Web App.
3
Set the Callback URI to:
https://api.authon.dev/v1/auth/oauth/twitter/callback
4
Copy the Client ID and Client Secret from the Keys and tokens tab.
注意: Twitter / X OAuth 2.0 requires a Developer Account with Elevated access for the
email scope. Without it, only users.read and tweet.read are available.フィールドマッピング:
Client ID←OAuth 2.0 Client ID
Client Secret←OAuth 2.0 Client Secret
要求スコープ:
users.readtweet.readoffline.access
Configure via linkedin.com/developers.
1
Go to linkedin.com/developers/apps → Create App. Fill in the app name, LinkedIn Page, and logo.
2
Go to the Auth tab. Under Authorized redirect URLs for your app, add:
https://api.authon.dev/v1/auth/oauth/linkedin/callback
3
Copy the Client ID and Client Secret from the same Auth tab.
4
Go to the Products tab and request access to Sign In with LinkedIn using OpenID Connect.
フィールドマッピング:
Client ID←Client ID
Client Secret←Client Secret
要求スコープ:
openidprofileemail
Slack
Configure via api.slack.com/apps.
1
Go to api.slack.com/apps → Create New App → From scratch. Choose a workspace for development.
2
In the left sidebar, go to OAuth & Permissions. Under Redirect URLs, click Add New Redirect URL and enter:
https://api.authon.dev/v1/auth/oauth/slack/callback
3
Under Scopes → User Token Scopes, add the required scopes.
4
Go to Basic Information. Copy the Client ID and Client Secret under App Credentials.
フィールドマッピング:
Client ID←Client ID
Client Secret←Client Secret
要求スコープ:
openidemailprofile
Twitch
Configure via dev.twitch.tv/console.
1
Go to dev.twitch.tv/console → Applications → Register Your Application.
2
Set the OAuth Redirect URL to:
https://api.authon.dev/v1/auth/oauth/twitch/callback
3
Set the Category to Website Integration. Click Create.
4
Click Manage on your app. Copy the Client ID. Click New Secret and copy the Client Secret.
フィールドマッピング:
Client ID←Client ID
Client Secret←Client Secret
要求スコープ:
openiduser:read:email
LINE
Configure via developers.line.biz.
1
Go to developers.line.biz → Providers → select or create a provider → Create a new channel → choose LINE Login.
2
Fill in the channel name, description, and app type (Web app).
3
Go to the LINE Login tab. Under Callback URL, add:
https://api.authon.dev/v1/auth/oauth/line/callback
4
Go to the Basic settings tab. Copy the Channel ID and Channel secret.
フィールドマッピング:
Client ID←Channel ID
Client Secret←Channel secret
要求スコープ:
profileopenidemail
Kakao
Configure via developers.kakao.com.
1
Go to developers.kakao.com → My Application → Add Application. Enter an app name and company name.
2
In the app dashboard, go to Kakao Login → Activate. Under Redirect URI, add:
https://api.authon.dev/v1/auth/oauth/kakao/callback
3
Go to App Keys. Copy the REST API Key — this is your Client ID.
4
To enable a Client Secret, go to Kakao Login → Security → enable Client Secret and copy the generated secret value.
注意: The Kakao Client Secret is optional but strongly recommended for production. Without it, the Client ID alone is used for token exchange, which is less secure.
5
Under Kakao Login → Consent items, activate Nickname, Profile picture, and Kakao account (email).
フィールドマッピング:
Client ID←REST API Key
Client Secret←Client Secret code (optional but recommended)
要求スコープ:
profile_nicknameprofile_imageaccount_email
Naver
Configure via developers.naver.com.
1
Go to developers.naver.com/apps/#/register. Log in with your Naver account and click 애플리케이션 등록 (Register Application).
2
Enter the application name. Under 사용 API, select 네이버 로그인 (Naver Login) and choose the permission items: Name, Email, Profile image, Mobile.
3
Under 서비스 URL, enter your app's homepage URL. Under Callback URL, add:
https://api.authon.dev/v1/auth/oauth/naver/callback
4
After registering, go to the app's 개요 (Overview) tab. Copy the Client ID and Client Secret.
フィールドマッピング:
Client ID←Client ID
Client Secret←Client Secret
Spotify
Configure via developer.spotify.com/dashboard.
1
Go to developer.spotify.com/dashboard → Create App. Fill in the app name, description, and website URL.
2
Under Redirect URIs, add:
https://api.authon.dev/v1/auth/oauth/spotify/callback
3
Check Web API and Web Playback SDK if needed. Click Save.
4
In the app dashboard, click Settings. Copy the Client ID and click View client secret to copy the Client Secret.
フィールドマッピング:
Client ID←Client ID
Client Secret←Client Secret
要求スコープ:
user-read-emailuser-read-private
TikTok
Configure via developers.tiktok.com.
1
Go to developers.tiktok.com/apps → Create App. Provide the app name and description.
2
Under the Login Kit product section, enable it and add the redirect URI:
https://api.authon.dev/v1/auth/oauth/tiktok/callback
3
Under Scopes, enable user.info.basic and user.info.email.
4
Copy the Client Key (used as Client ID) and Client Secret from the app detail page.
注意: TikTok uses the term "Client Key" instead of "Client ID". Paste the Client Key into the Client ID field in Authon.
フィールドマッピング:
Client ID←Client Key
Client Secret←Client Secret
要求スコープ:
user.info.basicuser.info.email
GitLab
GitLab supports OAuth 2.0 and can be configured at either gitlab.com or a self-hosted GitLab instance.
1
On GitLab, go to your avatar → Edit profile → Applications (in the left sidebar).
2
Fill in the Name. Under Redirect URI, add:
https://api.authon.dev/v1/auth/oauth/gitlab/callback
3
Under Scopes, check read_user and email.
4
Click Save application. Copy the Application ID and the Secret.
フィールドマッピング:
Client ID←Application ID
Client Secret←Secret
要求スコープ:
read_useremailopenidprofile
Bitbucket
Configure via Bitbucket Workspace settings at bitbucket.org.
1
Go to Workspace Settings (click your avatar → select a workspace → Settings) → OAuth consumers → Add consumer.
2
Fill in the Name and Callback URL:
https://api.authon.dev/v1/auth/oauth/bitbucket/callback
3
Under Permissions, check Account → Read and Email → Read.
4
Click Save. Expand the consumer to view the Key (Client ID) and Secret (Client Secret).
フィールドマッピング:
Client ID←Key
Client Secret←Secret
Notion
Configure via notion.so/my-integrations.
1
Go to notion.so/my-integrations → New integration.
2
Enter an Integration name, select a workspace, and choose Public integration type.
3
In the OAuth Domain & URIs section, add the redirect URI:
https://api.authon.dev/v1/auth/oauth/notion/callback
4
After creating the integration, go to its settings page and click Show next to the Client Secret to reveal it. Copy the OAuth client ID and OAuth client secret.
注意: Notion OAuth only grants access to pages and databases the user explicitly selects during the authorization flow. The
user.email capability must be enabled in the integration settings to retrieve the user's email address.フィールドマッピング:
Client ID←OAuth client ID
Client Secret←OAuth client secret