OAuth (Social Login)

OAuth lets users authenticate with your application without creating a new password. Instead, they click "Sign in with Google" (or GitHub, Apple, etc.), authorize your app on the provider's page, and get redirected back with a token that proves their identity.

The flow works in four steps: your app redirects to the OAuth provider, the user approves, the provider redirects back with an authorization code, and your server exchanges that code for an access token and user profile. Libraries and auth services (Supabase Auth, NextAuth, Clerk) handle this flow so you rarely implement it from scratch.

For vibe coders, OAuth is a common requirement that AI handles well. You describe which providers you want ("add Google and GitHub login") and AI generates the configuration. The key decisions are choosing an auth library, deciding what user data to store, and handling the edge case of a user signing in with Google one day and GitHub the next.