Social Login – All in One with Hybridauth 3 and CodeIgniter

Hybridauth is a quite popular library to integrate Social Login in PHP based applications including CodeIgniter. You can add the login/register feature from almost all social providers like Google, Facebook using it. Hybridauth 3 has a lot of improvements to integrate social Sign In/Up in PHP websites.

However, the latest HA has a lack of proper documentation and support. Additionally, not enough plugins are available yet for frameworks like CodeIgniter, CakePHP. So I decided to write this article to simplify the implementation of all in one social login in CI3 using Hybridauth 3.

Social Login - Hybridauth 3 CodeIgniter

Create Apps and Projects for Social Login

We will write common code for social providers like Google and Facebook using the Hybridauth library. The code will interact with the library and make the social login in the CodeIgniter website easier.

Before you begin, it is a must to create an app or project for each provider you want to use. For this, visit the given provider’s interface and set up that. If you haven’t done so far then refer articles:

After all, just remember that our endpoint URL is http://localhost/tuts/social/auth/ for the development environment. Similarly, it would be DOMAIN/social/auth/ for the live website. Just replace DOMAIN with your real domain name along with the protocol and with or without www.

Also, the trailing slash is a must. Don’t forget to supply it to the respective field by the provider. If the directory in the htdocs folder is anything other then ‘tuts’ then update the endpoint URL wherever applicable.

Integrate Hybridauth 3 in CodeIgniter 3

So far I assume you have a running CI3 project in the local setup. Now we need to download and add the HA library in our project. But DON’T DOWNLOAD the latest release of it from GitHub. Because you won’t find autoloader file in that after unzipping.

Rather download the master zip from this link:

Further, extract the zip in application/third_party directory. So the autoloader file path could look as:

Yybridauth Social Login CodeIgniter

CodeIgniter Function for Social Login

Here is the magic code, that works as all in one unified interface. Add in the social.php controller file.

In the controller, we’ve included HA autoloader file and further used Hybridauth’s namespace. Then there are three methods. The index method displays a social link with each enabled provider. In the auth method, the HA library handles all the processes. Finally, the last one is a private method containing the HA configuration array. 

The code is self-explanatory and straight forward. I’ve mentioned adequate comments as well. Still, if you face any trouble, you’re welcome to ask through the form at the bottom. Now it’s time to test. Access the URL http://localhost/social/ in the browser and check by logging in through any network.

Add Routing Rule to Handle Response

This step is completely optional and only if you’re unable to catch the response. Add one line routing rule to handle the provider’s response in CodeIgniter. Since it requires to pass the last URI segment as a parameter instead of the method name. Open the file routes.php from the application/config directory and add the rule:

Now give it a try. All should work fine.

Social Sign In/Up Provider Challenges

Till now you haven’t to worry about any individual social provider. However, technically there are more complexions involved. For example, not all the providers return you the email address. However, each authenticated user has an ID field for sure in the profile response.

Further, the JSON data returned might not have exact same keys. Like, the ID key name can be either id or identifier or something else. So you need to take proper care of it.

Additionally, you need more steps to resend an authorization request that has a permission denied response previously. Otherwise, providers like Facebook and Google will treat it as a policy violation. As a result, you might be barred from using their social login service.

I leave all these challenges on you. What I can hint is you need to pass extra parameters in authorize_url_parameters for Hybridauth. For a reference. check links at the bottom for relevant external resources.

If you need our professional services to manage social Sign In/Up, don’t forget to drop an email to

All in One Social Login – HA & CI

So hope you have understood the fundamental concept to add all social login in CodeIgniter 3 websites. And you have also seen that it is much easier using Hybridauth 3. Also, you haven’t the need to deal with each provider-specific API or SDK.

In the next article, I would love to teach how to set up a complete social login system using the database. Until stay in touch and don’t forget to leave the feedback. Also, share the article if you like it.

Finally, be careful, stay at home, and keep you as well as your loved once safer from the coronavirus (at the time of writing this article, it is epidemic).


You Might Interested In


  1. Robert says:

    I was able to authenticate using your script, so thank you for that.

    One question: after being succesfully authenticated I get redirected to one of the authorized redirect URIs I configured in Google.
    That’s perfect. But how do I check on any page that there was a succesful OAuth login?

    Or I could have asked the question differently;
    The code after $service = $hybrid->authenticate($provider) in function auth() is not reached, because of the redirect. I guess it should (otherwise the code there does not make any sense), but what am I doing wrong than?

    Thank you for your time.

    1. Amit Sonkhiya says:

      Hello Robert,

      As I could understand from your comment, you want to check on other pages if the visitor has a successful OAuth login.
      I would suggest you set a session variable containing relevant OAuth response data upon successful login after line #76 in the code. And delete the variable on some other event like a logout within your website.

      Line #60 is always reached as long as there is the provider variable set. It’s just Hybridauth that either parses the response or redirects to the provider’s login page if a response is absent.

  2. Alex moore says:

    awesome.. what a implementation
    I visited a few sites and all were charging $30 to download the code thank you soo much for brilliant explanation.


Leave a Reply

Enclose a code block like: <pre><code>Your Code Snippet</code></pre>.