How to restrict Memberstack SSO to only show email and OTP login method?

Post author
Durga Prasad Pradhan

I've implemented OpenID Connect-based SSO on my app using Memberstack as the identity provider. The goal is to allow users from my primary site (which uses Memberstack for authentication) to seamlessly log in to a secondary site.

Currently, when users attempt SSO login on the secondary site, the Memberstack login screen displays multiple authentication options—such as Google, email/password, and email with OTP.

However, my primary site only uses the email + OTP login method, and I want to enforce the same restriction on the secondary site during SSO.

How can I configure Memberstack or the SSO implementation to allow only the "email and OTP" login method, and hide or disable the other options (Google, email/password)?

Any guidance on this would be greatly appreciated!

Comments

2 comments

  • Comment author
    Chukwudi
    • Edited

    Thanks for the detailed explanation, Durga!

    At the moment, Memberstack does not support restricting the SSO login screen to only one login method. All enabled login methods for your project will appear on the Memberstack-hosted login screen, including Google, and email/password.

    Here's what you can do:

    Current Workaround

    If you only want to support email, you’ll need to:

    1. Disable the other login methods (like Google) entirely from your Memberstack project settings.

    2. This change will affect all sites connected to that project both your primary and secondary site will only show email as the login option.

    What’s Not Currently Possible

    • Memberstack doesn’t allow per-site or per-context customization of the login UI via SSO. That means you cannot hide Google or password login just for the secondary site while keeping it available on the primary site.

    If this restriction is critical for your app’s user flow, we’d recommend submitting a feature request or upvoting similar ones on our Public Roadmap.

    I hope this helps. 

    1
  • Comment author
    Durga Prasad Pradhan

    Hi Chukwudi, thanks for your explanation.

    Here’s a bit more detail on my scenario: On my primary site, I’m using components from the Webflow component library and have implemented only the email + OTP signup/login method. However, on the secondary site’s login screen, users are still seeing both the email + OTP and the password login options.

    In the Memberstack Auth Provider settings, I have only enabled passwordless (email + OTP) signup/login, and I’ve disabled all other methods. But there doesn’t seem to be any option to disable the password-based login entirely.

    Is there any way to remove or disable the password login method so that only the email + OTP option appears?

    Thanks again for your help!

    1

Please sign in to leave a comment.