OAuth2 Support

"aim in the direction the puck is going."

as we enter a phase where you don't know any of your passwords, it begs the question: why have passwords at all?

way ahead of their time, a few engineers decided 20 years ago to standardize a pattern by which web applications could share knowledge.

OAuth was born, followed by Oauth2 with several user-friendly upgrades (no more copy-pasting strings, short-lived refreshable tokens) for us 90's kids.

and that's all i know about OAuth's history. so how does this help you, building on TRMNL?

Oauth2 in private plugins

over 750 plugins have been published by the community, leveraging a mix of open authentication and copy/paste API keys.

starting today, API keys are no longer necessary for supporting applications.

for two-bit (get it?) hackers like me who prefer not to RTFM, we've stubbed out a library of 350+ popular templates. find yours and all /oauth/token-esque requests will be done for you.

don't see the app you want? add it to our global library.

once your provider is set, customize scopes and request parameters to your heart's content.

need custom body or header values, PKCE (looking at you, Instagram), or non standard Scope string encoding? we've got you covered.

limitless configs + sensible defaults == limited room for errors.

set expiry rules, refresh logic, or even rename response params to fit your plugin's terminology.

next gen plugins

we look forward to seeing advanced use cases that refreshable access tokens will unlock.

if you have questions, direct them at our Oauth2 architect Ikraam in Discord or live chat.