# social-auth-core > Python social authentication made simple. - **URL**: https://www.freshcrate.ai/projects/social-auth-core - **Author**: pypi - **Category**: Security - **Latest version**: `4.9.1` (2026-04-30) - **License**: Unknown - **Source**: https://github.com/python-social-auth/social-core/blob/master/CHANGELOG.md - **Homepage**: https://pypi.org/project/social-auth-core/ - **Language**: Python - **GitHub**: 910 stars, 575 forks - **Registry**: pypi (`social-auth-core`) - **Tags**: `auth`, `oauth`, `openid`, `pypi`, `saml`, `social` ## Description # Python Social Auth - Core Python Social Auth is an easy to setup social authentication/registration mechanism with support for several frameworks and auth providers. ## Description This is the core component of the python-social-auth ecosystem, it implements the common interface to define new authentication backends to third parties services, implement integrations with web frameworks and storage solutions. ## Documentation Project documentation is available at https://python-social-auth.readthedocs.io/. ## Setup ```shell $ pip install social-auth-core ``` ## Contributing Contributions are welcome! Only the core and Django modules are currently in development. All others are in maintenance only mode, and maintainers are especially welcome there. See the [CONTRIBUTING.md](https://github.com/python-social-auth/.github/blob/main/CONTRIBUTING.md) document for details. ## Versioning This project follows [Semantic Versioning 2.0.0](https://semver.org/spec/v2.0.0.html). ## License This project follows the BSD license. See the [LICENSE](LICENSE) for details. ## Donations This project welcomes donations to make the development sustainable, you can fund Python Social Auth on following platforms: - [GitHub Sponsors](https://github.com/sponsors/python-social-auth/) - [Open Collective](https://opencollective.com/python-social-auth) ## Recent releases | Version | Date | Urgency | Changes | | --- | --- | --- | --- | | `4.9.1` | 2026-04-30 | High | ### Changed - GitHub backend now handles scoped email fetching deterministically. ### Fixed - OpenID Connect missing token handling. - Microsoft refresh token and expiry handling. - Partial pipeline handling for Django `QueryDict` values. | | `4.8.7` | 2026-04-23 | High | ### Added - OpenID Connect backends can now opt in to PKCE support ### Changed - PKCE defaults now match RFC 7636 requirements ### Security - Tightened redirect URL validation - Tightened OAuth state handling for Clever, Eventbrite, GoClio, MailChimp, SurveyMonkey and Untappd backends - SAML authentication now restores saved sessions only after response validation | | `4.8.6` | 2026-04-21 | Low | Imported from PyPI (4.8.6) | | `4.8.5` | 2026-02-10 | Low | ### Changed - Fixed partial pipeline handling for unauthenticated users ### Donations This project welcomes donations to make the development sustainable. The following platforms are available for funding Python Social Auth: - [GitHub Sponsors](https://github.com/sponsors/python-social-auth/) - [Open Collective](https://opencollective.com/python-social-auth) | | `4.8.4` | 2026-02-10 | Low | ### Changed - Improved type annotations - Code cleanups - Improved error handling in SAML ### Added - Add Azure AD(Entra ID) federated client assertion support (FIC) ### Donations This project welcomes donations to make the development sustainable. The following platforms are available for funding Python Social Auth: - [GitHub Sponsors](https://github.com/sponsors/python-social-auth/) - [Open Collective](https://opencollective.com/python-social-auth) | | `4.8.3` | 2025-12-18 | Low | ### Changed - Added registry to configure default strategy ### Donations This project welcomes donations to make the development sustainable. The following platforms are available for funding Python Social Auth: - [GitHub Sponsors](https://github.com/sponsors/python-social-auth/) - [Open Collective](https://opencollective.com/python-social-auth) | | `4.8.2` | 2025-12-18 | Low | ### Changed - The timeout parameter can be again configured - Refactored HTTP authentication code - Loosened some type checks for better downstream compatibility - `ID_KEY` is now configurable - Improved token expiry validation - Additional OIDC parameters are now supported - Improved refresh token logic - Extended type annotations - String RelayState in SAML is again supported - Better handle OpenID exceptions ### Removed - itembase backend - nk backend - OAuth1 backend for | | `4.8.1` | 2025-10-09 | Low | ### Changed - Fixed `extra_data()` invocation from `refresh_token()` - Replaced jose with PyJWT in Ping backend - Dropped OAuth1 backend for OpenStreetMap ### Added - OAuth2 URLs can now be overridden in the configuration | | `4.8.0` | 2025-10-07 | Low | ### Changed - Fixed Gitea backend API authentication headers - Improved `RelayState` and attributes handling in the SAML backend - Missing configured attributes now cause an `AuthMissingParameter` error - Changed domains for VK backend - All API calls now include User-Agent header - OIDC uses info from `id_token` when not present in the response - Bring back option to skip and customize `at_hash` validation in OIDC - Dropped support for Python 3.9 and added support for Python 3.14 - | | `4.7.0` | 2025-06-27 | Low | ### Changed - Fixed getting user info in LinkedIn authentication. - Fixed okta OIDC authentication URLs. - Dropped AOL OpenID backend. - Improved error handling in ORCID. - Fixed Soundcloud OAuth2 authorization. ### Added - More OIDC configuration options. - Session restore with stricter SameSite cookie policy. - JWT leeway configuration for some backends. ### Donations This project welcomes donations to make the development sustainable, you can fund Python Social Auth on th | ## Citation - HTML: https://www.freshcrate.ai/projects/social-auth-core - Markdown: https://www.freshcrate.ai/projects/social-auth-core.md - Dependencies JSON: https://www.freshcrate.ai/api/projects/social-auth-core/deps _Generated by freshcrate.ai. Indexes pypi releases for AI-agent ecosystem packages._