Modules
An OAuth 2.1 authorization server, configured per app via a single module.
Protocol-pure logic for the /oauth/authorize endpoint.
Change that rotates a refresh-token row atomically.
Mint and verify OAuth 2.1 access tokens.
Builders for the discovery metadata endpoints.
PKCE (RFC 7636) S256 helpers.
Marker extension for an OAuth 2.1 refresh-token resource.
Verifies the refresh-token resource has the shape the Token core depends on
Protocol-pure logic for /oauth/register (RFC 7591 Dynamic Client
Registration).
Protocol-pure logic for the /oauth/token endpoint.
Resource-server side bearer token validation.
Plug router for the human-driven consent step of the OAuth 2.1 flow.
Default HTML consent screen.
HTTP error response helpers for OAuth 2.1 / RFC 7591.
Plug router for the client-facing OAuth 2.1 protocol endpoints — anything called by an external OAuth client without a browser session.
Phoenix router macros for mounting the OAuth 2.1 authorization server.
Mix Tasks
Scaffolds an OAuth 2.1 authorization server