About OAuth2Server

Grant, manage, and verify requests based on OAuth2 access tokens, in your MODX site.

Potential use cases include:

  • Authenticate 3rd party services like Zapier
  • Grant access to REST resources, only to verified consumers
  • Release subscription resources only to verified subscribers
  • Trigger actions on integrated platforms using authenticated REST hooks

Github repo: https://github.com/modxcms/oauth2-server


January 11, 2018

Supported Database


Supported Versions
2.4 - Current



Install via Extras Installer or download directly from https://modx.com/extras/package/oauth2server

For usage see README.

Note on security:

The OAuth2Server Extra doesn't grant any permissions whatsoever, on its own. It only provides a way to grant, manage, revoke and verify access tokens. Call the Snippet [[!verifyOAuth2]] in your Resource/Template, and the Resource will return an unauthorized or error response, if the request isn't accompanied by a valid access token. You can choose to do whatever you like, with the verified request—the possibilities are endless.

New in 0.9.0-dev1

OAuth2Server 0.9.0-dev1


Add Plugin to verify requests by Context

OAuth2Server 0.8.2-dev1


Initial public release, in development.

Log issues and see milestones (roadmap) here: https://github.com/modxcms/oauth2-server/issues

Current releases

View | Download
January 11, 2018
2.4 - Current