Sorcery VS OmniAuth

Compare Sorcery vs OmniAuth and see what are their differences.

Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
Sorcery OmniAuth
10 23
1,408 7,831
0.8% 0.2%
5.0 4.9
6 days ago 3 months ago
Ruby Ruby
MIT License MIT License
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.


Posts with mentions or reviews of Sorcery. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-06-10.
  • Everything was going great until I installed Devise!
    2 projects | /r/rails | 10 Jun 2023
    I have been using devise for a while and it has consistently given me issues. I have wistfully been staring at sorcery for a while now but cant justify the switch since devise is already in the project.
  • What is used for authentication in Rails nowadays?
    3 projects | /r/rails | 10 Feb 2023
  • Authentication with Sorcery, RSpec, and Rails 7: Building a simple Rails CMS - Part 1
    3 projects | | 29 Jan 2022
    We'll be installing Sorcery based off this tutorial in their wiki. I'm modifying a little bit since we are creating something different, but also because their tutorial is a bit outdated since it is based off an older version of Rails.
  • Webpacker Retired
    9 projects | /r/rails | 19 Jan 2022
  • What are your top useful gems?
    4 projects | /r/rails | 18 Jan 2022
  • A November of WTFs
    3 projects | | 19 Nov 2021
    But does it have to be so soon? There are other areas where I'm just as ignorant as I was about the inner workings of authentication (see "the database" below), and in these areas there's not a gem that can automatically solve the problem for me—which is what I've ended up doing for authentication in my own project: even though I could build authentication from scratch, instead I'm using an authentication gem because the effect is exactly the same, but with less code in my app for me to maintain. (Rather than Devise, I've chosen the more lightweight alternative Sorcery. It's simple enough that I can still understand and control the authentication flow, while also providing enough conveniences that I don't have to write out implementation details from scratch.)
  • Why there is no simple default auth in Rails?
    5 projects | /r/rails | 20 Sep 2021
    Also Sorcery is, despite its name, a little less magic than Devise.
    5 projects | /r/rails | 20 Sep 2021
    Rails doesn’t even have a user model by default as opposed to Django (in the past) because Auth is very much dependent on your app. There’s devise for when you need batteries included and if that’s too much there are smaller gems like
  • Easy has_secure_password API authentication
    3 projects | | 21 Jan 2021


Posts with mentions or reviews of OmniAuth. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-08-09.
  • Advanced Usages of Devise for Rails
    6 projects | | 9 Aug 2023
    In many cases, this convenient multi-provider authentication is powered by a library called OmniAuth. OmniAuth is a flexible and powerful authentication library for Ruby that allows you to integrate with multiple external providers.
  • Unleash Devise-Enabling All Modules
    4 projects | | 25 Jun 2023
    :omniauthable is a special module in devise but it's also in charge of a very common feature: letting users log in by using a user's session from another website, e.g. Facebook, Google, Twitter, Github, etc. It's kind of delegating authentication work to those big tech companies. Nowadays, most companies follow OAuth's standards to build the authentication workflow (OAuth always means OAuth 2.0 in this article). However, each company may have different dialects when you communicate via OAuth. This module is called :omniauthable because devise has integrated with the gem omniauth, which provides a unified interface to realize the login process via OAuth.
  • Omniauth without Devise
    2 projects | | 7 Feb 2023
    # # # echo > config/initializers/omniauth.rb # config/initializers/omniauth.rb Rails.application.config.middleware.use OmniAuth::Builder do provider :github, "GITHUB_ID", "GITHUB_SECRET" end
  • A First Look at Hanami 2 for Ruby
    6 projects | | 15 Dec 2022
    In general, even though the Hanami ecosystem lacks any "plug-and-play" solutions such as Devise, you can use many existing libraries not tightly coupled to Ruby on Rails. For authentication, you can use Warden, OmniAuth or Rodauth. For uploads there is Shrine. The pagination is built into ROM. Integration with exception catchers such as Rollbar is easy.
  • Social Login in Rails with Rodauth
    4 projects | /r/ruby | 6 Dec 2022
    In this article, I show how to set up the rodauth-omniauth gem I had created in a Rails app, and customize the flow. This gem provides a much more integrated solution compared to Devise, in the sense that it implements the OmniAuth callback phase, automatically registering the user and/or logging them in, and persisting their external identities. It supports multiple providers, and essentially codifies this OmniAuth guide.
    4 projects | | 6 Dec 2022
    OmniAuth provides a standardized interface for authenticating with various external providers. Once the user authenticates with the provider, it's up to us developers to handle the callback and implement actual login and registration into the app. There is a wiki page laying out various scenarios that need to be handled if you want to support multiple providers, showing that it's by no means a trivial task.
  • rodauth-omniauth released: login & registration with multiple external providers
    4 projects | /r/ruby | 3 Nov 2022
    In addition to providing an OmniAuth integration like Devise, this gem persists external identities associated to accounts, and attempts to solve some of the hard problems around supporting with multiple providers described in this OmniAuth guide. The goal was for it to be a drop-in solution for login & registration via social logins, where the callback phase is implemented for you, with hooks for extending the behavior.
    4 projects | /r/ruby | 3 Nov 2022
    My memory is failing me on the specifics, but I posted this issue on roda, which then led to this other issue in omniauth, plus 2 MRs on omniauth and rack-protection for doc updates.
  • Go Auth Lib
    4 projects | | 2 Oct 2022
  • Setting Up OmniAuth Authentication in Development
    6 projects | | 29 Dec 2021
    But what if we've already gone through this process on another site? Wouldn't it be nice if we could somehow communicate with that site's authentication system and use it to authenticate the users on our site? This is precisely what OmniAuth allows us to do, specifically through the use of community-built strategies, or code that allows one to authenticate to a given provider, e.g. Facebook or GitHub. You know those "Login with Facebook" buttons? Yep, that's what we're talking about here.

What are some alternatives?

When comparing Sorcery and OmniAuth you can also consider the following projects:

Devise - Flexible authentication solution for Rails with Warden.

Doorkeeper - Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape.

warden - General Rack Authentication Framework

Rodauth - Ruby's Most Advanced Authentication Framework

Clearance - Rails authentication with email & password.

Authlogic - A simple ruby authentication solution.

Knock - Seamless JWT authentication for Rails API

JWT - A ruby implementation of the RFC 7519 OAuth JSON Web Token (JWT) standard.

Devise Token Auth - Token based authentication for Rails JSON APIs. Designed to work with jToker and ng-token-auth.