#JUGL meetings are held on the 3rd Tuesday of each month


Short Description: OAuth Server (OAuth 2.0 Server) allows Single Sign-On (SSO) to your client apps with Joomla site.

OAuth Server (OAuth 2.0 Server) allows Single Sign-On (SSO) to your client apps with Joomla. It allows you to use Joomla as your OAuth Server and access OAuth API’s. The primary goal of this OAuth server/OAuth Provider plugin is to allow users to interact with Joomla sites without requiring them to store sensitive credentials. This plugin is free to use under the GNU/GPLv3 license. If you wish to use enhanced features, then there is a provision to upgrade as well. There is also a provision to use our services to deploy and configure this plugin.

It allows you to use Joomla as your OAuth Server and access OAuth APIs
Supports Multiple OAuth Client
Supports All Grant Types- Authorization, Implicit, client credential, Resource, refresh token grants.
It has a complete OAuth server like feature, inbuilt OpenID connect, built in resource server, creating client credentials and connect it to a specific user by using application passwords, Rest API authorization and so on.
Easy to configure
OAuth server can be easily configured to protect your API with access tokens or allow clients to obtain new access tokens and refresh them.
In OAuth Authentication REST API are handled without exposing user credentials.

Authorization code grant: This code grant is used when there is a need to access the protected resources on behalf of another third-party application.
Implicit grant: This grant relies on resource owner and registration of redirect URI. In authorization code grant user needs to ask for authorization and access token each time, but here access token is granted for a particular redirect URI provided by the client using a particular browser.
Client credential grant: This grant type heads towards specific clients, where access token is obtained by the client by only providing client credentials. This grant type is quite confidential.
Resource owner password credentials grant: This type of grant is used where resource owner has a trust relationship with the client. Just by using username and password, provided by resource owner authorization and authentication can be achieved
Refresh token grant: Access tokens obtained in OAuth flow eventually expire. In this grant type client can refresh his or her access token.

Rest API is very much open to interact. Creating posts, getting information of users and much more is readily available. If API is protected by OAuth Server plugin secure access to APIs can be achieved. The token obtained in authentication can be intercepted and used. Protection can be achieved by building custom endpoints and allowing custom authentication.

OAuth, OAuth API, OAuth login, OAuth Provider, OAuth server, Single Sign-On, SSO, OAuth 2.0

Read more

Launch a Full version of Joomla! for FREE (including hosting) Find out More