Product Q&As
ForgeRock Identity Platform
ForgeRock Identity Cloud

Does the ForgeRock solution support social authentication?

Last updated Jan 24, 2023

ForgeRock's social authentication lets your users log in once with their preferred social media account, then gain access to all their applications and services. ForgeRock makes this easy by providing pre-configured social identity integrations that can be included in your user journeys.


Users often prefer to authenticate using their social media accounts since it reduces the number of passwords they need to remember and allows them to sign in quickly if they're already logged in to a social media account.  

With social authentication, a user logging into an application or website protected by ForgeRock selects the desired social identity provider, such as Facebook or Yahoo. Once the social provider has verified the user’s identity, the user is logged into your application or website. A user logging in for the first time will be registered in ForgeRock. If ForgeRock is configured to require certain credentials not present in the user's social media account, the user may be asked to provide some additional details during registration.

The use of social media for authentication and self-registration is a common and easy way to reduce the amount of information that needs to be manually entered by a user, and can dramatically reduce the drop out rate often associated with sites that request pages of customer details.


Social authentication is quick and convenient for the user. However, it may be insufficient for protecting sensitive information or any form of transaction or payment. ForgeRock journeys allow you to combine social authentication with a wide range of stronger forms of authentication, such as push notification, one-time passcode and biometrics.

What social identity providers are supported?

ForgeRock provides pre-configured integrations for the following social providers:

  • Amazon
  • Apple
  • Facebook
  • Google
  • Itsme
  • LinkedIn
  • Microsoft
  • Salesforce
  • Twitter
  • Vkontakte
  • WeChat
  • WordPress
  • Yahoo

However, in addition to these, any custom social identity providers can be set up, as long as they are compliant with the OAuth 2.0 authorization framework or OIDC standards.

A single user can be linked with multiple social identity logins. If they return using another social identity provider, the same user profile is used, and potentially updated or enriched with additional details. This is essential in maintaining a clean and accurate user data store without duplicate accounts for the same user.

ForgeRock provides a dashboard where users can choose the social identity providers they want to use for login.


Instagram now uses the Instagram Basic Display API, which is not an authentication solution. Instagram recommends using Facebook Login instead.

Adding social authentication to your user journey

The social identity provider works as an authentication or registration step that can be easily added to your Intelligent Access user journeys. Simply add the Social Provider Handler node to your login or registration journey and configure the journey to meet your specific needs. 

The journey will include all your configured and enabled social identity providers, so you won't need to create different journeys for different providers.

See How do I create end user journeys for social registration and login in Identity Cloud? and Configure basic social registration trees (AM) for further information on how to create journeys for social authentication.

Managing consents

Each social identity provider is configured independently. As part of the identity provider configuration, the appropriate scopes pertaining to the provider are specified. These scopes represent the information that will be shared by the identity provider with ForgeRock when the user provides the consent. The identity provider is then in control of ensuring that the requisite consent has been sought from the user prior to providing the information. 

See Also

Single Sign-On Integrations for Identity Cloud

Social authentication (Identity Cloud)

Social authentication (AM)

ForgeRock SDKs - How to set up social login

Copyright and Trademarks Copyright © 2023 ForgeRock, all rights reserved.