In this video, we will configure the general Hybridauth settings that are not provider specific.

  • Go to "Configuration => People => Hybridauth" (admin/config/people/hybridauth)
  • Authentication providers: (This section contains the authentication providers we can enable. We'll start looking at these in the next video.)

Required information

  • Click the "Required information" tab
    • [x] Email address
  • (Save configuration)

If the authentication provider doesn't supply the information you select here, the user will be prompted to provide the missing information when they register on your site.

Widget settings

  • Click the "Widget settings" tab
    • Widget title: Or log in with...
    • Widget type: [x] Enabled providers icons (This will render an icon for each of the authentication providers that are enabled)
    • Icon package: HybridAuth 32px (You can also select 16px, 28px, or 48px. Choose the one that makes the most sense for your site.)
    • Widget weight: 100 (This determines where the widget appears on the login or registration form. With a weight of 100 it will display at the bottom of the form. -100 would place it at the top of the form above the regular login fields.)

Account settings

  • Click the "Account settings" tab
    • Who can register accounts? (This is where you select who can register accounts through HybridAuth.
    • [x] Visitors
    • E-mail verification: Follow core
    • [x] Save HybridAuth provided picture as user picture
    • Username pattern and display name pattern: (I'll just use the defaults, but you can click the "Token" link to see your available options.)
    • [ ] Allow username change when registering (This is useful if users might need to know their username. If they're always login in with social accounts, it may not be necessary.)
    • [ ] Ask user for a password when registering (Again only really needed if the user will log into the site directly. Not necessary if they will login with social accounts.)
    • [x] Disable username change (This prevents users from changing their username. If unchecked, the user will be able to change their username from the one created by the Username pattern above.)
    • [x] Remove password fields (If this is checked, accounts that are created by HybridAuth will not have a password field. Since they are authenticating via their social media account, there's no need for a password.)

Drupal forms

This section dictates where the "login with social media" icons will be displayed. By default they are attached to the login form and login block. I'll also attach them to the user registration form but not comment form since you must be logged in to comment on my site, and it wouldn't make sense to ask them to log in with social media if they are already logged in.

  • [x] User login form
  • [x] User login block
  • [x] User registration form
  • [ ] Comment form

Other settings

  • Redirect after login: (I'll leave empty to redirect to the page they were on when they needed to login.)
  • Duplicate emails: Don't allow duplicate email addresses, add new identity to the existing account and login (I'll set to add the new identity to the existing account and log them in. This way if a user has already authenticated with Twitter, and then tries to authenticate with FaceBook and both accounts use the same email address, the FaceBook identity will just be added to the user's account and they will be logged in. The default setting would show an error message, which isn't great for user experience. And I don't like the idea of having multiple accounts with the same email address.)
  • (Save configuration)

Lastly, we'll have to grant the anonymous and authenticated users permission to use HybridAuth to login and add additional HybridAuth identities to their account.

Configure permission

  • Go to "People => Permissions" (admin/people/permissions)
  • Scroll down to HybridAuth
  • Grant "Use HybridAuth" to:
    • [x] Anonymous user
    • [x] Authenticated user
  • (Save permissions)

Since we attached this to forms like the login block, we could stop here. It's ready to use. However, if you'd rather only have users login with social profiles, and not create accounts directly on your site, you can use the block that comes with HybridAuth to accomplish that.

Display HybridAuth login block in the sidebar

  • Go to "Structure => Blocks" (admin/structure/block)
  • Scroll down to Disabled
    • Block: User login - HybridAuth widget only
    • Region: Choose "Sidebar first"
  • (Save blocks)

Since we haven't added authentication providers yet, this block will be empty, so, we'll come back and take a look at it after we've setup Facebook login.

In the next video, I will show you how to create a Facebook app that will be used to authenticate user accounts, and configure HybridAuth to utilize that app to allow users to register and login to our site using Facebook.