About OAuth Tools

OAuth Tools is a free OAuth laboratory and serves as a place for API developers to learn and explore the inner workings of OAuth and OpenID Connect, the standards used to secure API access.

It can be viewed as an advanced OAuth client that can easily be connected to any OAuth server and used to experiment and test different OAuth flows. By using OAuth Tools, you can understand the different steps in the process to issue tokens and how those can be used to perform access control and to protect APIs.

This application uses only the browser local storage, no data is stored on the server.Try out OAuth Tools

Standard Protocols

Standards such as Dynamic Client Registration, OpenID Discovery and WebFinger are implemented to allow for rapid prototyping and to automatically connect the tool to an OAuth server.

OAuth Flows

The most common OAuth flows supported are namely, implicit, code, hybrid, device, client credentials and ROPC. Other OAuth and OpenID complementary flows are also made available, like user info and introspection together JWT decoding and validation.

In addition to running the OAuth flows, OAuth Tools also enables developers to experiment with user interaction over OpenID Connect. You can test how different parameters affect authentication flows, various login methods, single sign-on and more.

The clean UI lets you see the flows clearly, in what order things happen, what tokens are returned and if signatures are valid.

Curity's OAuth Tools receives award for Best in API Security

API Awards

OAuth Tools has been developed as a place for users to experiment, learn and explore the inner workings of OpenID Connect and OAuth. You can easily connect the tool to any OAuth server and try the full set of flows.

Start free trial

Curity's OAuth Tools receives award for Best in API Security

API Awards

© 2017-2024 Curity AB • Terms Of Service