Skip to main content
LibreChat is joining ClickHouse to power the open-source Agentic Data Stack 🎉 Learn more
LibreChat

Authentication

Quick overview of the user authentication system of LibreChat, which offers secure and easy email and social logins.

LibreChat has a user authentication system that allows users to sign up and log in securely and easily. The system is scalable and can handle a large number of concurrent users without compromising performance or security.

By default, we have email signup and login enabled, which means users can create an account using their email address and a password. They can also reset their password if they forget it.

Additionally, our system can integrate social logins from various platforms such as Google, GitHub, Discord, OpenID, and more. This means users can log in using their existing accounts on these platforms, without having to create a new account or remember another password.

For further details, refer to the configuration guides provided here: Authentication

Important

  • When you run the app for the first time, you need to create a new account by clicking on "Sign up" on the login page. The first account you make will be the admin account and holds all administrative capabilities on the instance. See Access Control for the full authorization model covering users, groups, roles, resource ACLs, and system-level admin grants.
  • The first account created should ideally be a local account (email and password).

See also: Access Control, LibreChat's granular permission system for users, groups, and roles, covering per-resource sharing of agents, prompts, MCP servers, and feature-level permissions.

Social login buttons on the LibreChat sign-in screenSocial login buttons on the LibreChat sign-in screen

How is this guide?