--- title: "How to Configure Login Options" url: "https://quepid-docs.dev.o19s.com/2/quepid/50/how-to-configure-login-options" --- # How to Configure Login Options You can log into Quepid in a number of ways, including with email/password, or using oAuth providers like Google Auth or Keycloak. ## Disabling Email/Password Sign In By default `.env` file contains: ``` # Whether or not signing in via email/password is enabled. EMAIL_SIGNIN_ENABLED=true ``` Setting it to `false` prevents you from being able to sign in using an email/password combination. ## OAuth Quepid uses [OmniAuth](https://github.com/intridea/omniauth) for authenticating users against other resources besides it's own email/password database. OmniAuth provides an easy way to authenticate against dozens of outside services. The only ones that are packaged with Quepid are Google and Keycloak, but it's fairly easy to add new ones. Learn more about setting up Google oAuth at https://support.google.com/cloud/answer/6158849?hl=en. The built in options are `GOOGLE_CLIENT_ID`, `GOOGLE_CLIENT_SECRET`, `KEYCLOAK_REALM` and `KEYCLOAK_SITE`. The OmniAuth providers are defined in `config/initializers/devise.rb`. A list of available providers can be viewed on the [OmniAuth Wiki](https://github.com/intridea/omniauth/wiki/List-of-Strategies). To enable a provider you need to add the gem (eg. `omniauth-facebook`) to the `Gemfile` and configure in `devise.rb` and `user.rb` The existence of `GOOGLE_CLIENT_ID` or `KEYCLOAK_REALM` enables the respective sign in option. ### Keycloak Setup Details Quepid has a basic Keycloak config file in `/keycloak/realm-config/quepid-realm.json` that is used for development purposes. We have a Realm called `Quepid`, and it includes a Client called `quepid`. The client is where the specific configuration for how Quepid interacts with Keycloak via oAuth is set up. We *assume* that the client definition in Keycloak will be named `quepid`, you can't change that. You can pick your Realm name however. Keycloak 17+ removes the `/auth` portion of the url. If you are using earlier versions of keycloak, you need to set `base_url:'/auth'` in `devise.rb`.