Setting up an OAuth2 provider

In this post, we’re going to talk about installing and setting up your very own OAuth2 provider. If you have used Facebook or Twitter logins, you’d know that they have their own OAuth2 providers. In reality, those are more than just OAuth2 providers as they also have OpenID Connect on them, however, that will be a post for another day.

Why would I want an OAuth2 provider?

Well, there are many reasons why you’d want an OAuth2 provider.

  1. Because its cool.
  2. Because its hip.
  3. Because, why not?

On a more serious note, if you have a bunch of applications running in your house, you can use your own OAuth2 provider to provide identity and custom authorisations to every app in a way that if one of those apps gets compromised, it won’t take your whole house down. This lets you operate all of your apps in a standard way.

Also, who in your family doesn’t want “Sign in via <insert_family_name>” button? 😛

For this post, we’re going to use Forgerock’s OpenAM version 13.

Continue reading