Quickstart
Two HTML tags, real SSO.
This is the five-minute path from nothing to a working sign-in flow.
1. Create an app
Sign in to the LoginWith console and create an app. You’ll get:
- A slug like
acme— this becomesacme.loginwith.dev(your API),acme.loginwith.page(your hosted login page), andacme.loginwith.app(your dashboard). - A client_id and client_secret for server-side use.
- A registered redirect URL that points at your own origin.
2. Drop two tags into your page
<!-- Load the SDK once, anywhere on your page -->
<script defer async src="https://acme.loginwith.dev/cdn/sdk-latest"></script>
<!-- One link per provider. That's it. -->
<a href="https://google.loginwith.link">Sign in with Google</a>The first tag pulls in the SDK. The second is a plain link to https://<provider>.loginwith.link. No JS, no API keys, no callback handler — clicking it starts the OAuth + PKCE dance and lands the user back on your page with a valid session.
3. Use the token
Once the user is signed in, the SDK exposes the access token on a global lgw object:
const token = lgw.getToken() // JWT, ready to send as Bearer
const me = await lgw.users.me() // the current user's profile
fetch("/api/data", {
headers: { Authorization: `Bearer ${token}` },
})4. Verify it on the server
Every framework has an adapter (see Server SDK). The verification itself is standard OAuth 2.0 + JWKS, so any JWT library works:
import { LoginWith } from "@loginwith/client"
const lgw = new LoginWith({
client_id: process.env.LGW_CLIENT_ID!,
client_secret: process.env.LGW_CLIENT_SECRET!,
})
const [caller, error] = await lgw.verify(req.headers.authorization)
if (error) return res.status(401).end()
// caller.userId, caller.clientId, caller.orgId — from the JWT claims.What you just built
- OAuth 2.0 authorization code flow with PKCE
- JWKS-backed bearer token verification
- Session persistence across subdomains
- Automatic token refresh
…in two HTML tags plus one verify call on the server. Next, read Concepts to see how the pieces fit, or jump to the Browser SDK reference.