OAuth 2.0 Implementation Guide

This guide walks you through implementing OAuth 2.0 authentication using the oauth2 gem.

Getting Started

Add the gem to your Gemfile:

gem 'oauth2'

Basic Setup

Configure your OAuth provider:

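OAuth2.configure do |config|
  # Read credentials from the environment; keep the client secret out of source control.
  config.client_id = ENV['OAUTH_CLIENT_ID']
  config.client_secret = ENV['OAUTH_CLIENT_SECRET']
  # Must exactly match the redirect URI registered with the provider.
  config.redirect_uri = 'http://localhost:3000/callback'
end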

Authorization Flow

The OAuth 2.0 authorization code flow:

  1. Redirect user to authorization endpoint
  2. User grants permission
  3. Receive authorization code
  4. Exchange code for access token
  5. Use access token to access protected resources
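
The following is an added example, not code from the oauth2 gem or its authors. It covers the client side of steps 1, 3 and 4 using only the Ruby standard library, and goes beyond the list above by adding the state check and PKCE (RFC 7636) that protect the code in transit. The provider URL, client id and all helper names are assumptions made for illustration.

```ruby
require "securerandom"
require "digest"
require "uri"

# Constructed values for this example; the provider endpoint is hypothetical.
AUTHORIZE_URL = "https://provider.example/oauth/authorize"
CLIENT_ID     = "example-client-id"
REDIRECT_URI  = "http://localhost:3000/callback"
StateMismatch = Class.new(StandardError)

# Step 1: build the redirect URL plus the secrets to keep in the user's session.
def begin_authorization(scope: "profile")
  state     = SecureRandom.urlsafe_base64(32) # CSRF token tied to this session
  verifier  = SecureRandom.urlsafe_base64(64) # PKCE code_verifier, not sent in step 1
  challenge = [Digest::SHA256.digest(verifier)].pack("m0").tr("+/", "-_").delete("=")
  query = URI.encode_www_form(
    response_type: "code", client_id: CLIENT_ID, redirect_uri: REDIRECT_URI,
    scope: scope, state: state, code_challenge: challenge, code_challenge_method: "S256"
  )
  { url: "#{AUTHORIZE_URL}?#{query}", session: { state: state, verifier: verifier } }
end

# Compare without stopping at the first differing byte; an empty value never matches.
def secure_equal?(a, b)
  return false if a.empty? || a.bytesize != b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Step 3: accept the callback only if it carries the state issued in step 1.
def authorization_code_from(callback_url, session)
  params = URI.decode_www_form(URI.parse(callback_url).query.to_s).to_h
  raise ArgumentError, "provider error: #{params['error']}" if params.key?("error")
  raise StateMismatch, "state mismatch" unless secure_equal?(session[:state].to_s, params["state"].to_s)
  params.fetch("code") { raise ArgumentError, "missing code" }
end

# Step 4: form body to POST to the token endpoint; redirect_uri matches step 1.
# A confidential client also authenticates with its client secret on this request.
def token_request_body(code, session)
  URI.encode_www_form(
    grant_type: "authorization_code", code: code, redirect_uri: REDIRECT_URI,
    client_id: CLIENT_ID, code_verifier: session[:verifier]
  )
end
```

Store the returned `session` hash server-side and discard it after one callback, so a state value or code verifier cannot be reused.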

Next Steps

Check out our examples repository for more advanced use cases!