Remove OAuth Authentication

This guide explains how to remove OAuth (external login) providers from your application. You can remove all OAuth support or just specific providers.

Option A: Remove All OAuth Providers

If you don't want any external login options (Google, Facebook, Microsoft), follow these steps:

Step 1: Remove Configuration

In appsettings.json, delete the entire Authentication section or set all Enable flags to false:

// DELETE THIS ENTIRE SECTION:
"Authentication": {
    "EnableGoogleAuth": false,
    "EnableFacebookAuth": false,
    "EnableMicrosoftAuth": false,
    ...
}

Step 2: Remove OAuth Setup Code

In Program.cs, locate and delete the OAuth configuration section:

// DELETE: Google OAuth setup
if (configuration.GetValue<bool>("Authentication:EnableGoogleAuth"))
{
    // ... entire block
}

// DELETE: Facebook OAuth setup
if (configuration.GetValue<bool>("Authentication:EnableFacebookAuth"))
{
    // ... entire block
}

// DELETE: Microsoft OAuth setup  
if (configuration.GetValue<bool>("Authentication:EnableMicrosoftAuth"))
{
    // ... entire block
}

Step 3: Remove External Login UI

In Pages/Account/Login.cshtml, delete the external login buttons section:

<!-- DELETE: External login section -->
@if (Model.ExternalLogins?.Count > 0)
{
    <!-- ... entire section ... -->
}

Step 4: Delete External Login Pages

Delete these files:

Pages/Account/ExternalLogin.cshtml
Pages/Account/ExternalLogin.cshtml.cs

Step 5: Remove Startup Validation

In your startup validation code, remove the OAuth credential checks.

Step 6: Delete Help Files

Delete the entire wwwroot/help/oauth/ folder.

Step 7: Update Help Index

In wwwroot/help/index.htm, delete the OAuth Configuration section.

Option B: Remove Specific Providers

To remove just one or two providers while keeping others:

Remove Google Only

Set "EnableGoogleAuth": false in appsettings.json
Delete the Google configuration block in Program.cs
Delete wwwroot/help/oauth/google-setup.htm
Remove Google from the help index

Remove Facebook Only

Set "EnableFacebookAuth": false in appsettings.json
Delete the Facebook configuration block in Program.cs
Delete wwwroot/help/oauth/facebook-setup.htm
Remove Facebook from the help index

Remove Microsoft Only

Set "EnableMicrosoftAuth": false in appsettings.json
Delete the Microsoft configuration block in Program.cs
Delete wwwroot/help/oauth/microsoft-setup.htm
Remove Microsoft from the help index

Database Considerations

No Schema Changes Required
OAuth uses the standard ASP.NET Identity tables (AspNetUserLogins, AspNetUserTokens). These tables can remain even if you remove OAuth - they simply won't be used.

If you want to clean up existing OAuth data:

-- Optional: Remove existing external login records
DELETE FROM AspNetUserLogins;
DELETE FROM AspNetUserTokens WHERE Name LIKE '%external%';

NuGet Packages

You can optionally remove these NuGet packages if not using any OAuth:

Microsoft.AspNetCore.Authentication.Google
Microsoft.AspNetCore.Authentication.Facebook
Microsoft.AspNetCore.Authentication.MicrosoftAccount

Verification

After removal, verify:

Build succeeds with no errors
Login page shows only username/password (no external buttons)
Application starts without OAuth-related errors