I am building a system that have API and SPA. The server have user manage function that can control the permission. Now I want to allow user to login by SSO provider (or simply, allow user using the their Google/Microsoft account to login their account that registered in system).