Skip to main content
django-allauth logo

What is django-allauth?

django-allauth is an integrated set of Django applications addressing authentication, registration, account management as well as 3rd party (social) account authentication.

Official Website

Visit the official django-allauth website

Source Code

View the source code on Codeberg

Documentation

Full API documentation and guides

Stack Overflow

Get help from the community

Why django-allauth?

Most existing Django apps that address the problem of social authentication unfortunately focus only on one dimension - the social. Most developers end up integrating another app in order to support authentication flows that are locally generated. This approach creates a development gap between local and social authentication flows. It has remained an issue in spite of numerous common scenarios that both require. For example, an email address passed along by an OpenID provider may not be verified. Therefore, prior to hooking up an OpenID account to a local account the email address must be verified. This essentially is one of many use cases that mandate email verification to be present in both worlds. Integrating both is a humongous and tedious process. It is not as simple as adding one social authentication app, and one local account registration app to your INSTALLED_APPS list.
django-allauth exists to offer a fully integrated authentication app that allows for both local and social authentication, with flows that just work, beautifully!

Key Features

Comprehensive Account Functionality

Supports multiple authentication schemes (e.g. login by user name, or by email), as well as multiple strategies for account verification (ranging from none to mandatory email verification).

Social Login

Login using external identity providers, supporting:
  • Any Open ID Connect compatible provider
  • Many OAuth 1.0/2.0 providers
  • Custom protocols such as Telegram authentication
django-allauth supports over 100+ social providers out of the box, including Google, GitHub, Facebook, Twitter, LinkedIn, and many more.

Enterprise Ready

Supports SAML 2.0, which is often used in a B2B context for enterprise single sign-on solutions.

Battle-Tested Security

The package has been out in the open since 2010. It is in use by many commercial companies whose business depends on it and has hence been subjected to various penetration testing attempts.

Rate Limiting

When you expose an authentication-enabled web service to the internet, it is important to be prepared for potential brute force attempts. Therefore, rate limiting is enabled out of the box.

Privacy Protection

Many sites leak information. For example, on many sites you can check whether someone you know has an account by input their email address into the password forgotten form. django-allauth offers account enumeration prevention, making it impossible to tell whether or not somebody already has an account.

Highly Customizable

As a developer, you have the flexibility to customize the core functionality according to your specific requirements. By employing the adapter pattern, you can effortlessly introduce interventions at the desired points to deviate from the standard behavior.

Flexible Configuration

The required consumer keys and secrets for interacting with Facebook, X (Twitter) and the likes can be configured using:
  • Regular Django settings
  • Database configuration via the Django admin
  • Optional support for the Django sites framework for multi-domain projects

Architecture Design

This package is internally subdivided into individual Django apps that each target a specific functional part:
1

allauth.account

Functionality related to regular (username and/or email based) accounts
2

allauth.socialaccount

Functionality related to social accounts and third-party authentication providers
3

allauth.mfa

Functionality related to multi-factor authentication (TOTP, WebAuthn, recovery codes)
4

allauth.headless

RESTful API for headless/SPA applications
5

allauth.usersessions

User session management and tracking

Version Information

__version__ = "65.14.3"

Requirements

django-allauth requires Django 4.2 or higher and Python 3.8 or higher.
Supported Python versions:
  • Python 3.8, 3.9, 3.10, 3.11, 3.12, 3.13
Supported Django versions:
  • Django 4.2+
  • Django 5.0, 5.1, 5.2
  • Django 6.0
Core dependencies:
  • Django >= 4.2.16
  • asgiref >= 3.8.1
Optional dependencies:
  • socialaccount: OAuth and social authentication support
  • mfa: Multi-factor authentication support (TOTP, WebAuthn)
  • saml: SAML 2.0 support
  • headless: JWT-based headless API support
  • openid: OpenID support

Live Demos

Experience django-allauth in action:

Django Demo

Traditional server-rendered Django application

React SPA Demo

Modern single-page application using the headless API

Community & Support

GitHub Sponsors

Support the project’s development

Commercial Support

Commercial support is available. Contact: [email protected]

Translations

Help translate django-allauth

Issue Tracker

Report bugs and request features

What’s Next?

Installation

Learn how to install django-allauth in your project

Quickstart

Get up and running with a working authentication system

Build docs developers (and LLMs) love

Get started for freeTalk to us