OAuth2

Note
 This page is marked as "earlydoc", which means that it more of a collection of notes and an early draft before this page turns into good documentation later on. It is hoped that this early form of documentation is useful to you, but please understand that most documentation pages are higher quality than this. If you have suggestions or comments, please do get in contact or consider contributing your suggestions to the OliveTin documentation.

OliveTin supports OAuth2 for login with any OAuth2 compliant provider.

At the moment, username fetching is only supported on GitHub. More will be added soon, probably with the addition of OpenID Connect support.

authOAuth2RedirectUrl: http://localhost:1337/oauth/callback
authOAuth2Providers:
  github:
    clientId: 1234567890
    clientSecret: 1234567890

Provider configuration

  • name - a "simple name" for the provider, used in the login redirect and internally in OliveTin, eg github

  • title - the human-readable name of the provider, eg GitHub

  • clientId - the client ID provided by the OAuth2 provider

  • clientSecret - the client secret provided by the OAuth2 provider

  • icon - the icon to use for the provider, eg an Iconify icon - accepts any HTML.

  • scopes - a list of scopes to request.

  • authUrl - the URL to redirect to for authentication

  • tokenUrl - the URL to exchange the code for a token

  • whoamiUrl - the URL to fetch user information from

  • usernameField - the field in the user information response to use as the username

← Previous: JWT with HMAC | ↑ Up: Security | ⌂ Home: OliveTin documentation | Next: Username & Password →