Configuration
Available settings:
SOCIALACCOUNT_ADAPTER
(default:"allauth.socialaccount.adapter.DefaultSocialAccountAdapter"
)Specifies the adapter class to use, allowing you to alter certain default behaviour.
SOCIALACCOUNT_AUTO_SIGNUP
(default:True
)Attempt to bypass the signup form by using fields (e.g. username, email) retrieved from the social account provider. If a conflict arises due to a duplicate email address the signup form will still kick in.
SOCIALACCOUNT_EMAIL_AUTHENTICATION
(default:False
)Consider a scenario where a social login occurs, and the social account comes with a verified email address (verified by the account provider), but that email address is already taken by a local user account. Additionally, assume that the local user account does not have any social account connected. Now, if the provider can be fully trusted, you can argue that we should treat this scenario as a login to the existing local user account even if the local account does not already have the social account connected, because – according to the provider – the user logging in has ownership of the email address. This is how this scenario is handled when
SOCIALACCOUNT_EMAIL_AUTHENTICATION
is set toTrue
. As this implies that an untrustworthy provider can login to any local account by fabricating social account data, this setting defaults toFalse
. Only set it toTrue
if you are using providers that can be fully trusted. Instead of turning this on globally, you can also turn it on selectively per provider, for example:SOCIALACCOUNT_PROVIDERS = { 'google': { 'EMAIL_AUTHENTICATION': True } }
SOCIALACCOUNT_EMAIL_AUTHENTICATION_AUTO_CONNECT
(default:False
)In case email authentication is applied, this setting controls whether or not the social account is automatically connected to the local account. In case of
False
the local account remains unchanged during the login. In case ofTrue
, the social account for which the email matched, is automatically added to the list of social accounts connected to the local account. As a result, even if the user were to change the email address afterwards, social login would still be possible when usingTrue
, but not in case ofFalse
.SOCIALACCOUNT_EMAIL_VERIFICATION
(default:ACCOUNT_EMAIL_VERIFICATION
)As
ACCOUNT_EMAIL_VERIFICATION
, but for social accounts.SOCIALACCOUNT_EMAIL_REQUIRED
(default:ACCOUNT_EMAIL_REQUIRED
)The user is required to hand over an email address when signing up using a social account.
SOCIALACCOUNT_FORMS
Used to override forms. Defaults to:
SOCIALACCOUNT_FORMS = { 'disconnect': 'allauth.socialaccount.forms.DisconnectForm', 'signup': 'allauth.socialaccount.forms.SignupForm', }
SOCIALACCOUNT_LOGIN_ON_GET
(default:False
)Controls whether or not the endpoints for initiating a social login (for example, “/accounts/google/login/”) require a POST request to initiate the handshake. For security considerations, it is strongly recommended to require POST requests.
SOCIALACCOUNT_PROVIDERS
(default:{}
)Dictionary containing provider specific settings.
SOCIALACCOUNT_REQUESTS_TIMEOUT
(default:5
)The timeout applied when performing upstream requests.
SOCIALACCOUNT_QUERY_EMAIL
(default:ACCOUNT_EMAIL_REQUIRED
)Request email address from 3rd party account provider? E.g. using OpenID AX, or the Facebook “email” permission.
SOCIALACCOUNT_SOCIALACCOUNT_STR
(default:str
of user object)Used to override the str value for the SocialAccount model.
Must be a function accepting a single parameter for the socialaccount object.
SOCIALACCOUNT_STORE_TOKENS
(default:False
)Indicates whether or not the access tokens are stored in the database. Note that tokens can only be stored if the related social account is stored as well, which is not the case when you are using
SOCIALACCOUNT_EMAIL_AUTHENTICATION
withoutSOCIALACCOUNT_EMAIL_AUTHENTICATION_AUTO_CONNECT
.SOCIALACCOUNT_ONLY
(default:False
)When enabled (
True
), all functionality with regard to local accounts is disabled, and users will only be able to authenticate using third-party providers.SOCIALACCOUNT_OPENID_CONNECT_URL_PREFIX
(default:"oidc"
)The URL path prefix that is used for all OpenID Connect providers. By default, it is set to
"oidc"
, meaning, an OpenID Connect provider with provider IDfoo
uses/accounts/oidc/foo/login/
as its login URL.