OAuth Tools

OAuth Tools: The Free OAuth Laboratory

Daniel Lindau

Daniel Lindau

2 min read

If you're looking for a place to experiment, learn, and explore the inner workings of OAuth and OpenID Connect, check out our award-winning OAuth Tools.

OAuth Tools is an OAuth laboratory serving as a place for developers to learn and explore the inner workings of the OAuth and OpenID Connect protocols. It's essentially an advanced OAuth client that can easily be connected to any OAuth server and used to experiment and test different OAuth flows. By using OAuth Tools, you can understand each step of the token issuance process and how unique OAuth flows can be used to perform access control to protect APIs.

OAuth Tools aims to bring every step of these flows to the surface, making each one easier to comprehend. For example, the tool allows users to tweak all of the parameters sent in each flow to see how the server responds. The clean UI clearly highlights each flow, showing the order in which actions occur and what tokens are returned. JWT signature validation results are clearly displayed, and things like missing claims are drawn to the user's attention. In this way, the tool is an excellent aid to learn OAuth and test your actual server implementation.

Since OAuth Tools is entirely standard-based, you can point it directly to your OAuth server and start learning. If you don't have a server, OAuth Tools provides a playground environment to use at your leisure. Most flows are enabled directly, so you can immediately start exploring how the tool works. In addition, all settings you configure are saved in your browser's local storage, so OAuth Tools recalls them without saving any sensitive data server-side.

OAuth Tools started as a free web-based application but is now also available as a licensed application for Curity customers. A significant benefit of the app version is that it can more easily interact with development servers not available on the internet. Check OAuth Tools out for yourself

Join The Discussion

Follow @curityio on Twitter