RegisterLogin
DocsPricing
RegisterLogin
  • Getting Started
  • Introduction
  • Quick Start
  • SDKs
  • React
  • TypeScript
  • Next.js
  • Express
  • NestJS
  • Python
  • API Reference
  • Support and Resources
  • FAQ
  • Contact

useLogin

The useLogin hook provides methods to trigger the OAuth 2.0 login flow via redirect or popup.

Basic Usage

Basic usage with redirect-based login:

import { useLogin } from 'authsafe-react';

function LoginButton() {
  const { signinRedirect, isLoading } = useLogin();

  return (
    <button onClick={() => signinRedirect()} disabled={isLoading}>
      {isLoading ? 'Logging in...' : 'Login with AuthSafe'}
    </button>
  );
}

Return Values

PropertyTypeDescription
signinRedirect(extraParams?) => Promise<void>Function to trigger redirect-based login
signinPopup(extraParams?) => Promise<void>Function to trigger popup-based login
isLoadingbooleanWhether a login operation is in progress
errorError | nullError object if login failed

Extra Parameters

You can pass additional parameters to the authorization request:

ParameterTypeDescription
scopestringOverride default scopes for this login request
promptstringForce re-authentication or consent (e.g., 'login', 'consent', 'none')
ui_localesstringPreferred UI language(s) for the login page
login_hintstringPre-fill the email/username field on the login page
max_agestringMaximum authentication age in seconds before re-auth is required

Extra Parameters

import { useLogin } from 'authsafe-react';

function LoginButton() {
  const { signinRedirect, isLoading, error } = useLogin();

  const handleLogin = () => {
    signinRedirect({
      scope: 'openid profile email',
      prompt: 'login',
      ui_locales: 'en-US'
    });
  };

  if (error) {
    return <div>Error: {error.message}</div>;
  }

  return (
    <button onClick={handleLogin} disabled={isLoading}>
      {isLoading ? 'Logging in...' : 'Login'}
    </button>
  );
}

Popup vs Redirect

You can choose between two login strategies:

import { useLogin } from 'authsafe-react';

function LoginButton() {
  const { signinPopup, isLoading } = useLogin();

  const handlePopupLogin = async () => {
    try {
      await signinPopup({ scope: 'openid profile email' });
    } catch (err) {
      console.error('Login failed:', err);
    }
  };

  return (
    <button onClick={handlePopupLogin} disabled={isLoading}>
      {isLoading ? 'Logging in...' : 'Login with Popup'}
    </button>
  );
}
Popup Note
  • Redirect: Full page redirect to the authorization server (default, best for most apps).
  • Popup: Opens login in a popup window (useful for SPAs where you want to preserve state).

Type Definition

interface IUseLogin {
  signinRedirect: (extraParams?: Record<string, string>) => Promise<void>;
  signinPopup: (extraParams?: Record<string, string>) => Promise<void>;
  isLoading: boolean;
  error: Error | null;
}
Security Best Practices
  • PKCE is automatically enabled for all login flows
  • State and nonce parameters are validated to prevent CSRF
  • Tokens are stored securely and never exposed in URLs
  • Popup mode uses postMessage for secure cross-window communication
  • All redirects are validated against the configured redirect URI
AuthSafe

Product

HighlightFeatureIntegrationPricingFAQ

Company

AboutBlogContact

Developer

DashboardDocumentation

Legal

Terms & ConditionsPrivacyComplianceShippingCancellationAI
© 2026 AuthSafe. All rights reserved.

We value your privacy

This website uses cookies for anonymous analytics to help us improve your experience. No personal information is stored or shared. You can allow or reject analytics tracking at any time. See our Privacy Policy.

We use cookies for anonymous analytics. No personal info is stored. See our Privacy Policy.