New Component: streamlit-oauth

dnplus · January 24, 2024, 3:16am

Hi

For now, you can share the authentication state across pages using session_state.

The functionality to use cookies or local storage is planned to be added in the future.

Gene_Ruebsamen · February 7, 2024, 3:30am

Hi @dnplus,
Thanks for this great library.
Is there any way to retrieve the email address and/or username of the authenticated user?

ferdy · February 7, 2024, 12:12pm

Have a look on this example.

Charu_Joshi · March 27, 2024, 9:07pm

Can anyone help with GitHub auth please?

Heather_Wisor · April 12, 2024, 12:30pm

Thank you so much, this was exactly what I was looking for. Couldn’t figure out the button + url and you provide that!

santanu_pathak · June 7, 2024, 2:49am

Thank you @dnplus for such a helpful component.
I am able to easily integrate it … I am however looking for some guidance here.
After authentication, I would like to use the user to create google slides programmatically using his account… not sure how to use the response from oauth2.authorize_button() to a credential in service = build(‘slides’, ‘v1’, credentials=). the credential is of type oauth2client.Credentials or google.auth.credentials.Credentials, credentials to be used for authentication.

Any suggestion would really help… Truly appreciate…

dnplus · June 7, 2024, 3:55am

refer to google.auth.credentials module — google-auth 1.30.0 documentation

Seems like it is a class to represent the token response.

I think you can fill the necessary parameters from oauth2.authorize_button() into that class to create an object to use it

santanu_pathak · June 7, 2024, 4:54am

Thank you @dnplus for that reply… One more question… how can we provide more scopes? seems you are loading dotenv which has scope variable defined: SCOPE = os.environ.get(“SCOPE”) and then use it like:
scope=“openid email profile”
If I want to add more scopes, how I can do so? is it possible to share the env file without the sensitive information.

dnplus · June 7, 2024, 9:10am

It just an example, you can define scope directly and pass when calling authorize_button

oauth2.authorize_button("authorize", redirect_uri, "email openid") # split each scope with space

sm1506 · August 29, 2024, 7:11am

hi, Do you have an example of using cookies to store the state? can you please point to the example? The issue I have is that page refresh triggers fresh login and session_state is lost

dnplus · September 27, 2024, 8:16am

You can use streamlit-cookies-controller · PyPI to save the session state.

Aryan4 · October 11, 2024, 5:12pm

Hi @dnplus,

I have code that looks like this for Oauth with pingID:


oauth2 = #initalized_correctly
# from your github
if 'token' not in st.session_state:
    result = oauth2.authorize_button(name="SSO", redirect_uri=os.environ['REDIRECT_URL'], scope=os.environ['SCOPE'], use_container_width=True, auto_click=True,  extras_params={'response_type': 'code'})
    if result and 'token' in result:
        st.session_state.token = result.get('token')
        st.rerun()
else:
        render_webpage()

but I get the following error signature starting with:
site-packages/streamlit_oauth/init.py", line xyz, in authorize_button
result[‘token’] = asyncio.run(self.client.get_access_token(**args))

Also the auto_click does not work

dnplus · October 28, 2024, 9:16am

what’s the full error message?

And how you make sure the oauth2 object initialized correctly?

rishabhjain9024 · November 20, 2024, 4:14pm

Enable CORS in your oauth provider. For example in Okta: Enable CORS in API → SECURITY → Trusted Origins

jrieke · February 10, 2025, 10:18pm

Hey all! Just wanted to mention here that with 1.42, we recently launched a native authentication feature in Streamlit! This let’s you add auth via OIDC/OAuth2 (e.g. “Login with Google”) to your app. Check out the docs here: User authentication and information - Streamlit Docs

e_kelassal · April 14, 2025, 3:50pm

@dnplus This is a great module—thank you for putting it together! It’s working as expected for me. I do have a quick question though: is it possible to capture the user’s email address during the identification process?

Thanks

dnplus · April 16, 2025, 1:47am

Thanks! Glad to hear it’s working well for you.

Regarding your question:
In theory, accessing the popup’s content from a parent window would violate browser security policies if they are on different origins, so it wouldn’t be feasible in that case.

JITHIN2 · May 21, 2025, 9:34am

Hi,

Can we remove the “Authorize” button during Okta authentication and directly call the application?

I tried using the following approach:
result = oauth2.authorize (config.REDIRECT_URI,
config.SCOPE,
pkce=‘S256’
)
However, I encountered the following error: AttributeError: ‘OAuth2Component’ object has no attribute ‘authorize’
We are currently using streamlit-oauth==0.1.14.
Could you please help resolve this issue?

Topic		Replies	Views
OAuth component for Streamlit Custom Components authentication	2	3421	January 16, 2024
Idea: Streamlit Sessions Random	2	2151	November 19, 2021
New component: Login authentication (Oauth) and localStorage access in Streamlit, synchronous communication Custom Components authentication	5	3004	March 22, 2023
Streamlit OAuth with Google Login & Cookie Session Show the Community!	0	28	May 27, 2025
RANT -> Feeling very disillusioned building on Streamlit with lack of cookie support for cloud deployment Community Cloud discussion	32	3288	September 27, 2025

New Component: streamlit-oauth

Related topics