Choice of SSO method

Would it be possible to have an enhancement made that would allow both Google and Facebook to be used as SSO methods (the participant could choose whichever one they prefer). This is fairly common on other websites.

This is the default. Every PollUnit user can choose to register with email and password or one of our SSO provider. So if you require a PollUnit account, participants can also use any of our SSO providers.

When I configure the poll as an administrator I can only select one SSO method not two. What I was asking is whether I could select two, Google and Facebook, (on the Advanced Features page) and let the user decide which one they wish to use.

The idea behind the security setting that allows only one SSO provider is to prevent users from voting multiple times, for example once with a Google account and once with a Facebook account. From a security perspective, allowing multiple providers at the same time therefore does not make much sense.

If »PollUnit account required« is selected, users can choose freely from all available SSO providers.

An additional security setting that sits somewhere in between these two options unfortunately has a rather low chance of being implemented. I have still added this request to our feature request list, and I will let you know here if it becomes part of our planning.

Could you share what speaks against using all SSO providers via the »PollUnit account required« option in your case?

I appreciate and understand the security issues, but this is about the user experience. We want to make using our poll as easy as possible (within reasonable limits). We don't want our participants to have to sign-up for a PollUnit account, and if they don't have a Google account, for example, but do have a Facebook account, we don't want them to have to sign-up to Google either (and vice versa). We want the user, not the Administrator, to choose what SSO method the user wants to use (Facebook or Google). Rather than force them to a single choice it would be better to give a range of options (in our case, Google and Facebook). Its all about ease of use from the users perspective.

When requiring a PollUnit account, users can already sign up via Google, Facebook, GitHub, or a classic PollUnit registration. With this approach, we are not forcing users into one or two specific SSO providers. They can simply choose the option they are most comfortable with.

This minimizes friction and ensures that as few users as possible are excluded, which is especially important for public polls or scenarios with a diverse audience.

I understand that you do not want to force users to explicitly register for a PollUnit account. That said, all SSO options implicitly create a PollUnit account as part of the authentication process.