This guide explains how to remove OAuth (external login) providers from your application. You can remove all OAuth support or just specific providers.
If you don't want any external login options (Google, Facebook, Microsoft), follow these steps:
In appsettings.json, delete the entire Authentication section or set all Enable flags to false:
// DELETE THIS ENTIRE SECTION:
"Authentication": {
"EnableGoogleAuth": false,
"EnableFacebookAuth": false,
"EnableMicrosoftAuth": false,
...
}
In Program.cs, locate and delete the OAuth configuration section:
// DELETE: Google OAuth setup
if (configuration.GetValue<bool>("Authentication:EnableGoogleAuth"))
{
// ... entire block
}
// DELETE: Facebook OAuth setup
if (configuration.GetValue<bool>("Authentication:EnableFacebookAuth"))
{
// ... entire block
}
// DELETE: Microsoft OAuth setup
if (configuration.GetValue<bool>("Authentication:EnableMicrosoftAuth"))
{
// ... entire block
}
In Pages/Account/Login.cshtml, delete the external login buttons section:
<!-- DELETE: External login section -->
@if (Model.ExternalLogins?.Count > 0)
{
<!-- ... entire section ... -->
}
Delete these files:
Pages/Account/ExternalLogin.cshtmlPages/Account/ExternalLogin.cshtml.csIn your startup validation code, remove the OAuth credential checks.
Delete the entire wwwroot/help/oauth/ folder.
In wwwroot/help/index.htm, delete the OAuth Configuration section.
To remove just one or two providers while keeping others:
"EnableGoogleAuth": false in appsettings.jsonwwwroot/help/oauth/google-setup.htm"EnableFacebookAuth": false in appsettings.jsonwwwroot/help/oauth/facebook-setup.htm"EnableMicrosoftAuth": false in appsettings.jsonwwwroot/help/oauth/microsoft-setup.htmIf you want to clean up existing OAuth data:
-- Optional: Remove existing external login records
DELETE FROM AspNetUserLogins;
DELETE FROM AspNetUserTokens WHERE Name LIKE '%external%';
You can optionally remove these NuGet packages if not using any OAuth:
Microsoft.AspNetCore.Authentication.GoogleMicrosoft.AspNetCore.Authentication.FacebookMicrosoft.AspNetCore.Authentication.MicrosoftAccountAfter removal, verify: