Grant, manage, and verify requests based on OAuth2 access tokens, in your MODX site.
Potential use cases include:
- Authenticate 3rd party services like Zapier
- Grant access to REST resources, only to verified consumers
- Release subscription resources only to verified subscribers
- Trigger actions on integrated platforms using authenticated REST hooks
Github repo: https://github.com/modxcms/oauth2-server
January 11, 2018
2.4 - Current
Install via Extras Installer or download directly from https://modx.com/extras/package/oauth2server
For usage see README.
Note on security:
The OAuth2Server Extra doesn't grant any permissions whatsoever, on its own. It only provides a way to grant, manage, revoke and verify access tokens. Call the Snippet [[!verifyOAuth2]] in your Resource/Template, and the Resource will return an unauthorized or error response, if the request isn't accompanied by a valid access token. You can choose to do whatever you like, with the verified request—the possibilities are endless.
New in 0.9.0-dev1
Add Plugin to verify requests by Context
Initial public release, in development.
Log issues and see milestones (roadmap) here: https://github.com/modxcms/oauth2-server/issues