oauth

OAuth 2.0 authentication and authorization with support for multiple providers, social login, and PKCE security.

Overview

The OAuth primitive provides secure, standards-compliant authentication flows for integrating with Google, GitHub, Microsoft, and custom OAuth providers.

Quick Example

import { oauth } from 'sdk.do'

// Initiate OAuth flow
const { url } = await oauth.authorize({
  provider: 'google',
  redirectUri: 'https://app.do/callback',
  scope: ['email', 'profile'],
})

// Exchange code for tokens
const tokens = await oauth.callback({
  provider: 'google',
  code: req.query.code,
  redirectUri: 'https://app.do/callback',
})

// Get user info
const user = await oauth.getUser(tokens.accessToken)

Core Capabilities

• Multi-Provider - Google, GitHub, Microsoft, and custom OAuth 2.0 providers
• PKCE Security - Proof Key for Code Exchange for mobile/SPA apps
• Token Management - Automatic token refresh and revocation
• User Normalization - Consistent user data across providers
• Session Integration - Built-in session management support

Access Methods

SDK

TypeScript/JavaScript library for OAuth flows

await oauth.authorize({ provider: 'google', redirectUri: 'https://app.do/callback', scope: ['email'] })

→ SDK Documentation

CLI

Command-line tool for OAuth testing

do oauth authorize google --redirect-uri https://app.do/callback --scope email,profile

→ CLI Documentation

API

REST/RPC endpoints for OAuth integration

curl -X POST https://api.do/v1/oauth/authorize -d '{"provider":"google","redirectUri":"https://app.do/callback"}'

→ API Documentation

MCP

Model Context Protocol for AI-assisted auth flows

Initiate OAuth flow with Google provider for email and profile scopes

→ MCP Documentation

Related Primitives

• webhooks - Webhook authentication
• rpc - Service-to-service authentication