How Do You Decide Which OAuth Providers/Login Options to Use?
Hi Indie Hackers,
How do you decide which OAuth providers to provide as a login for your SaaS app? Suppose it's a generic B2C app (yes, I know you think I should do B2B, and yes, I know you think I should validate before writing code. I can write a separate post on why I'm not but let's stay on topic).
So my thinking is:
- Email and password
- Pros: Classic, simple, doesn't require user to have any other account, doesn't hand control of your login to third-party
- Cons: Adds friction, requires more logic, most easily hacked / compromised
- Google
- Pros: Feels like it's the most common and reliable
- Cons: Slightly unhip/controversial due to privacy, tracking, monopoly
- Facebook - similar pro/con as Google but even moreso
- Apple
- Pro : Common, not too controversial
- Con: Doesn't seem as omnipresent and commonly used as a Google login
- Twitter
- Pro: Feels hip to indie hacker community
- Con: Many normal people don't have Twitter (lower MAU than the others)
- Github - simliar pro/con as Twitter but even moreso
- Crypto (Signin with ethereum)
- Pro : Very futuristic and decentralized
- Con: Still too easy to lose access, controversial
- Magic link (email user a link to a new session via email everytime they login)
- Pro: Private, general, secure, easy
- Con: Feels a bit newer, people might be confused by the workflow
Finally, it's tempting to say - all of them! But obviously that's more code and more UI clutter.
I know the best anwer is probably "whatever your target audience will use the most" . But I wanted to ask this community if there were any other opinions or considerations.
I guess after typing all this up , the magic link approach feels best. However, it's relatively uncommon. I'm wondering if there's any additional thoughts to this topic that anyone could share?
