> ## Documentation Index
> Fetch the complete documentation index at: https://docs.streambird.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Configure login methods

To enable user authentication in your application, you'll need to configure at least one login method in the MoonKey Dashboard. Choose from multiple authentication options to provide your users with flexible and secure access to their accounts.

<Tip>
  We recommend enabling multiple authentication methods to ensure users can access their accounts even if they lose access to one method. Consider combining email with social providers or wallet login for better coverage.
</Tip>

## Basic login methods

### Email login

Email authentication provides a passwordless login experience using one-time passwords (OTPs) sent directly to users' email addresses.

**How it works:**

1. User enters their email address
2. MoonKey sends a 6-digit OTP to their email
3. User enters the OTP to complete authentication
4. OTP expires after 10 minutes

**To enable email login:**

1. Navigate to **SDK Settings** in your dashboard
2. Enable the **Email** authentication option
3. Optionally customize the email template in **Email Templates**

<Info>
  Email addresses are automatically verified through the OTP process. Users who authenticate via email will have their email marked as verified in their account.
</Info>

### Wallet login

Wallet-based authentication allows users to sign in using their existing Web3 wallets through cryptographic signature verification.

**Supported wallet authentication:**

* **Sign In With Ethereum (SIWE)** — Authenticate users with any Ethereum or EVM-compatible wallet
* **Sign In With Solana (SIWS)** — Authenticate users with Solana wallets

**How it works:**

1. User connects their Web3 wallet (MetaMask, Phantom, etc.)
2. MoonKey generates a signature request
3. User signs the message in their wallet
4. MoonKey verifies the signature and authenticates the user

**To enable wallet login:**

1. Navigate to **SDK Settings** in your dashboard
2. Enable **Wallet** authentication
3. Select which blockchain networks to support (Ethereum, Solana, or both)

<Tip>
  Wallet authentication is ideal for crypto-native applications where users already have Web3 wallets. It provides a familiar experience for blockchain users.
</Tip>

## Social providers (OAuth)

MoonKey supports OAuth-based authentication through popular social providers, allowing users to sign in with their existing social accounts.

### Supported OAuth providers

* **Google** — Let users sign in with their Google account
* **Apple** — Let users sign in with their Apple ID

<Info>
  Additional OAuth providers (Microsoft, Discord, GitHub, and more) are coming soon. Contact us if you need support for a specific provider.
</Info>

### Configuring your OAuth credentials

To use OAuth authentication, you must configure your own OAuth credentials for each provider. MoonKey does not provide default credentials.

**Benefits of using OAuth:**

* Your branding appears on the authentication screen
* Users can leverage existing accounts they trust
* Streamlined onboarding without password creation
* Automatic email verification through the provider

### Configuring custom OAuth credentials

<Steps>
  <Step title="Create OAuth apps with each provider">
    For each social provider you want to support, create an OAuth application through their developer portal:

    * **Google**: [Google Cloud Console](https://console.cloud.google.com/)
    * **Apple**: [Apple Developer Portal](https://developer.apple.com/)

    During setup, you'll need to specify MoonKey's OAuth callback URL as your redirect URI:

    ```
    https://auth.moonkey.fun/api/v1/oauth/callback
    ```
  </Step>

  <Step title="Enter credentials in MoonKey Dashboard">
    After creating your OAuth apps, navigate to the **OAuth** section in your MoonKey Dashboard:

    1. Select the provider you want to configure
    2. Enter your OAuth credentials (Client ID and Client Secret)
    3. Save the configuration

    <Warning>
      OAuth credentials go live immediately upon saving. Always test in a development app with development credentials before configuring your production app.
    </Warning>
  </Step>

  <Step title="Enable the provider">
    Once your credentials are configured:

    1. Navigate to **SDK Settings**
    2. Enable the OAuth providers you want users to access
    3. The authentication options will appear in your application's login flow
  </Step>
</Steps>

### Provider-specific setup guides

<AccordionGroup>
  <Accordion title="Google OAuth">
    **Creating a Google OAuth application:**

    1. Go to [Google Cloud Console](https://console.cloud.google.com/)
    2. Create a new project or select an existing one
    3. Enable the Google+ API
    4. Navigate to **Credentials** and create OAuth 2.0 credentials
    5. Add `https://auth.moonkey.fun/api/v1/oauth/callback` as an authorized redirect URI
    6. Copy your Client ID and Client Secret

    **Required scopes:**

    * `openid`
    * `email`
    * `profile`

    <Info>
      Google OAuth may not work in in-app browsers (like those embedded in social media apps) due to Google's security restrictions. Consider enabling additional login methods for broad compatibility.
    </Info>
  </Accordion>

  <Accordion title="Apple OAuth">
    **Creating an Apple OAuth application:**

    1. Visit [Apple Developer Portal](https://developer.apple.com/)
    2. Create a new Services ID under **Certificates, Identifiers & Profiles**
    3. Enable **Sign in with Apple** capability
    4. Configure the redirect URL: `https://auth.moonkey.fun/api/v1/oauth/callback`
    5. Create a private key for your Services ID
    6. Note your Team ID, Services ID, and Key ID

    You'll need to provide:

    * **Team ID**: Your Apple Developer team identifier
    * **Services ID**: Your application's services identifier
    * **Key ID**: The identifier for your Sign in with Apple key
    * **Private Key**: The .p8 private key file
  </Accordion>
</AccordionGroup>

## Testing your configuration

After enabling login methods, test each one in your development environment:

1. Initialize the MoonKey SDK with your development App ID
2. Attempt to authenticate using each enabled method
3. Verify users can successfully log in and their data appears in the dashboard
4. Test the user experience across different browsers and devices

<Warning>
  Always test authentication flows in a development app before deploying to production. This prevents disruptions to existing users.
</Warning>

## Best practices

**Security:**

* Store OAuth credentials securely and never commit them to version control
* Use separate apps and credentials for development, staging, and production
* Regularly rotate OAuth secrets according to your security policies

**User experience:**

* Enable multiple authentication methods to accommodate different user preferences
* Provide clear messaging about which login methods are available
* Consider regional availability when choosing authentication options

**Compliance:**

* Review each OAuth provider's terms of service and usage requirements
* Ensure your privacy policy covers data collected through social logins
* Maintain compliance with data protection regulations (GDPR, CCPA, etc.)
