About OAuth Tools
OAuth Tools is a free OAuth laboratory and serves as a place for API developers to learn and explore the inner workings of OAuth and OpenID Connect, the standards used to secure API access.
It can be viewed as an advanced OAuth client that can easily be connected to any OAuth server and used to experiment and test different OAuth flows. By using OAuth Tools, you can understand the different steps in the process to issue tokens and how those can be used to perform access control and to protect APIs.
Standard Protocols
Standards such as Dynamic Client Registration, OpenID Discovery and WebFinger are implemented to allow for rapid prototyping and to automatically connect the tool to an OAuth server.
OAuth Flows
The most common OAuth flows supported are namely, implicit, code, hybrid, device, client credentials and ROPC. Other OAuth and OpenID complementary flows are also made available, like user info and introspection together JWT decoding and validation.
In addition to running the OAuth flows, OAuth Tools also enables developers to experiment with user interaction over OpenID Connect. You can test how different parameters affect authentication flows, various login methods, single sign-on and more.
The clean UI lets you see the flows clearly, in what order things happen, what tokens are returned and if signatures are valid.