diff --git a/CHANGELOG.md b/CHANGELOG.md
index 93f63f3..710bd48 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,7 @@ Yii Framework 2 authclient extension Change Log
 2.1.8 under development
 -----------------------
 
+- Enh #218: Allow configuring user component in `AuthAction` (samdark, lab362)
 - Bug #237: Fix redirect from LinkedIn if user refused to authorize permissions request (jakim)
 
 
diff --git a/src/AuthAction.php b/src/AuthAction.php
index c963e9d..c94bfcc 100644
--- a/src/AuthAction.php
+++ b/src/AuthAction.php
@@ -11,11 +11,13 @@
 use yii\base\Exception;
 use yii\base\InvalidConfigException;
 use yii\base\NotSupportedException;
+use yii\di\Instance;
 use yii\helpers\Url;
 use yii\web\Response;
 use yii\web\HttpException;
 use yii\web\NotFoundHttpException;
 use Yii;
+use yii\web\User;
 
 /**
  * AuthAction performs authentication via different auth clients.
@@ -109,6 +111,12 @@ class AuthAction extends Action
      */
     public $redirectView;
 
+    /**
+     * @var User|array|string the User object or the application component ID of the user component.
+     * @since 2.1.8
+     */
+    public $user = 'user';
+
     /**
      * @var string the redirect url after successful authorization.
      */
@@ -118,6 +126,14 @@ class AuthAction extends Action
      */
     private $_cancelUrl;
 
+    /**
+     * @inheritdoc
+     */
+    public function init()
+    {
+        parent::init();
+        $this->user = Instance::ensure($this->user, User::className());
+    }
 
     /**
      * @param string $url successful URL.
@@ -165,7 +181,7 @@ public function getCancelUrl()
      */
     protected function defaultSuccessUrl()
     {
-        return Yii::$app->getUser()->getReturnUrl();
+        return $this->user->getReturnUrl();
     }
 
     /**
@@ -174,7 +190,7 @@ protected function defaultSuccessUrl()
      */
     protected function defaultCancelUrl()
     {
-        return Url::to(Yii::$app->getUser()->loginUrl);
+        return Url::to($this->user->loginUrl);
     }
 
     /**