OAuth / SSO Providers
License Required
OAuth providers require the OAuth Providers license add-on. Without this license, OAuth/SSO login options will not be available.
BadgerPanel supports single sign-on (SSO) through external OAuth providers, allowing users to log in or register using their existing accounts.
Supported Providers
BadgerPanel supports the following OAuth providers:
- Discord
- GitHub
- Microsoft
Each provider can be configured independently with its own settings and behavior.
Setting Up a Provider
Navigate to Admin > Settings > OAuth and click on the provider you want to configure.
Google
- Go to the Google Cloud Console and create a new project (or select an existing one).
- Navigate to APIs & Services > Credentials and create an OAuth 2.0 Client ID.
- Set the authorized redirect URI to your panel's callback URL (shown on the configuration page).
- Copy the Client ID and Client Secret into BadgerPanel.
Discord
- Go to the Discord Developer Portal and create a new application.
- Navigate to OAuth2 in the sidebar.
- Add the redirect URI shown on the BadgerPanel configuration page.
- Copy the Client ID and Client Secret into BadgerPanel.
GitHub
- Go to GitHub Developer Settings and create a new OAuth App.
- Set the authorization callback URL to the redirect URI shown on the BadgerPanel configuration page.
- Copy the Client ID and Client Secret into BadgerPanel.
Microsoft
- Go to the Azure Portal and navigate to Azure Active Directory > App registrations.
- Create a new registration and set the redirect URI to the callback URL shown on the BadgerPanel configuration page.
- Navigate to Certificates & secrets and create a new client secret.
- Copy the Application (client) ID and the Client Secret into BadgerPanel.
Provider Options
Each provider has the following configuration options:
| Option | Description |
|---|---|
| Allow Login | Permits existing users with a linked account to log in via this provider |
| Allow Registration | Permits new users to create an account by authenticating with this provider |
| Auto Link | Automatically links the OAuth account to an existing BadgerPanel account if the email addresses match |
Button Customization
Each provider's login button can be customized:
| Option | Description |
|---|---|
| Color | The background color of the login button |
| Icon | The icon displayed on the login button |
These settings control how the provider appears on the login and registration pages.
User Account Linking
Users can link and unlink OAuth accounts from Account > Settings. The account settings page shows all available providers and their current link status.
- Linking - click the provider name and authenticate to link the account
- Unlinking - click the unlink button next to a linked provider to remove the connection
Users must always have at least one login method available (password or linked provider). The panel prevents unlinking the last provider if no password is set.
Security Considerations
- Auto Link matches accounts by email address. If a user controls an OAuth account with the same email as an existing BadgerPanel account, auto-link will grant them access. Only enable auto-link for providers where you trust the email verification process.
- Users who register via OAuth without a password can set one later from their account settings.
- Disabling a provider does not unlink existing accounts - it only prevents new logins and registrations through that provider.
- If a provider's API becomes unavailable, users with linked accounts can still log in with their password (if one is set).