We’ve released a new OAuth 2.0 module for backend applications, that supports all methods from the OAuth 2.0 specification, including M2M and authentication for devices with no HID. Using this module you can connect any OAuth 2.0 compatible service without a dedicated Sign-in module.
Available blocks:
OAuth 2.0: Get Auth URL – Builds the authorization‑endpoint URL you redirect the user to so they can grant your app the requested scopes.
OAuth 2.0: Get Refresh Token – Exchanges the authorization code (and PKCE verifier if used) for a refresh token and initial access token.
OAuth 2.0: Get Access Token – Uses a refresh token to obtain a fresh access token (and optionally a rotated refresh token).
OAuth 2.0: Get Machine Access Token – Obtains an access token using client credentials for machine‑to‑machine calls.
OAuth 2.0: Revoke Token – Invalidates an access or refresh token so it can no longer be used.
OAuth 2.0: Introspect Token – Checks a token’s active status and retrieves its metadata.
OAuth 2.0: Request Device Authorization Code (Step 1) – Initiates the device flow, obtaining codes for user authorization on a separate device.
OAuth 2.0: Poll Device Token (Step 2) – Polls the token endpoint until the user authorizes, then returns tokens.
OAuth 2.0: Generate PKCE – Generates a code verifier and its corresponding code challenge for PKCE.
OAuth 2.0: Get User Info (OpenID) – Fetches the resource owner’s profile/claims using an access token.