Home

About

Doorkeeper is an OAuth 2 provider for Ruby on Rails or Grape applications. It's built on top of Rails engines. The gem is in active development. So far it supports all protocol flows, but we will still improve the functionality of the gem.

More info:

• Supported OAuth 2 features
• Supported Ruby & Rails versions
• Official guides

Finding help

• Stack overflow questions tagged as doorkeeper
• How to's / Tutorials

See it in action

Demo app

We've built a simple provider demo using Devise. Check it out here.

Screencast @ railscasts.com

#353: OAuth with Doorkeeper

For more example applications, see this page in the wiki.

Upgrading

Doorkeeper is in constant development and things change fast! Check out the upgrade guide for more information.

How to's / Tutorials

• Rails API authentication with Devise and Doorkeeper
• How to implement Rails API authentication with Devise and Doorkeeper
• OAuth Implicit Grant with Grape, Doorkeeper and AngularJS
• Using with protected_attributes gem
• Using ActionController::Metal with doorkeeper
• Interacting as an OAuth client with Doorkeeper
• Passing parameters from a devise client to doorkeeper (like locale)
• Auto Sign Up after registration
• Using scopes
• Using with Grape
• Grape + Doorkeeper + Swagger
• Doorkeeper Omniauth OAuth Client @ GoRails
• Doorkeeper and ActionCable
• Using PKCE flow
• Play with Doorkeeper & Omniauth/OAuth2. Part 1.
• Setting Up OAuth in an Ember/Rails App
• Creating an OAuth Provider

Extending

• Using OmniAuth to authenticate for Doorkeeper
• Create an OmniAuth strategy for your provider
• Associate users to OAuth applications (ownership)
• CORS - Cross Origin Resource Sharing
• Rate limit with Redis
• A Sane Oauth Federation Strategy With Doorkeeper in Ruby

Extension projects

• ORMs
  • doorkeeper-mongodb: Mongoid and MongoMapper support for doorkeeper
  • doorkeeper-sequel: Sequel support for doorkeeper
  • doorkeeper-couchbase: Couchbase Support for doorkeeper
• Additional
  • devise-doorkeeper: Devise Doorkeeper
  • doorkeeper-jwt: Doorkeeper JWT support
  • doorkeeper-i18n: Translation files for doorkeeper
  • doorkeeper-grants_assertion: Assertion grant extension for Doorkeeper
  • doorkeeper_scopes_per_flow: Limit scopes available per flow/grant_type and specify a default one for each flow
  • doorkeeper-openid_connect: Implements an OpenID Connect authentication provider on top of Doorkeeper
  • doorkeeper-device_authorization_grant: OAuth 2.0 Device Authorization Grant extension for Doorkeeper

Flows

• Authorization Code
• Resource Owner Password Credentials
• Client Credentials

Configuration

NOTE: Something may be changed in new versions of the gem, so first read the main documentation or CHANGELOG.md for additional info.

• Customization:
  • Customize tokens expiration
  • Customizing token response
  • Customizing token error response
  • Customizing the response body when unauthorized
  • Customizing views
  • Customizing routes
• Enable refresh token credentials
• Using scopes
• Skipping Application Authorization
• Changing how clients are authenticated
• Authenticating using Clearance/DIY
• Enabling Basic authorization for access tokens
• Using PostgreSQL UUIDs as primary keys with Doorkeeper

Testing

• Testing controllers protected with doorkeeper
• Testing your provider with OAuth2 gem

You can also find all the wiki pages here.

Contributing

All pull requests are welcome and we love them!!! If you want to contribute, please read the guide

Some <3!

Thanks to all that contributed to the gem! Check out the awesome list of contributors here!