mirror of https://github.com/mountain-loop/yaak.git synced 2025-12-23 22:48:55 -05:00

Files

Gregory Schier fc1e8baa23 Catch any 4XX error on refresh token failure

https://feedback.yaak.app/p/folders-oauth2-refresh-token-issue

2025-12-09 14:08:31 -08:00

src

Catch any 4XX error on refresh token failure

2025-12-09 14:08:31 -08:00

tests

Switch to BiomeJS (#306 )

2025-11-23 08:38:13 -08:00

package.json

Switch to BiomeJS (#306 )

2025-11-23 08:38:13 -08:00

README.md

OAuth 2 plugin README

2025-07-19 21:47:19 -07:00

screenshot.png

OAuth 2 plugin README

2025-07-19 21:47:19 -07:00

tsconfig.json

Fix lint errors after upgrades and narrow tsc

2025-07-14 10:09:08 -07:00

README.md

OAuth 2.0 Authentication

An OAuth 2.0 authentication plugin that supports multiple grant types and flows, enabling secure API authentication with OAuth 2.0 providers.

Overview

This plugin implements OAuth 2.0 authentication for requests, supporting the most common OAuth 2.0 grant types used in modern API integrations. It handles token management, automatic refresh, and PKCE (Proof Key for Code Exchange) for enhanced security.

Supported Grant Types

Authorization Code Flow

The most secure and commonly used OAuth 2.0 flow for web applications.

Standard Authorization Code flow
Optional PKCE (Proof Key for Code Exchange) for enhanced security
Supports automatic token refresh

Client Credentials Flow

Ideal for server-to-server authentication where no user interaction is required.

Implicit Flow

Legacy flow for single-page applications (deprecated but still supported):

Direct access token retrieval
No refresh token support
Suitable for legacy integrations

Resource Owner Password Credentials Flow

Direct username/password authentication.

User credentials are exchanged directly for tokens
Should only be used with trusted applications
Supports automatic token refresh

Features

Automatic Token Management: Handles token storage, expiration, and refresh automatically
PKCE Support: Enhanced security for Authorization Code flow
Token Persistence: Stores tokens between sessions
Flexible Configuration: Supports custom authorization and token endpoints
Scope Management: Configure required OAuth scopes for your API
Error Handling: Comprehensive error handling and user feedback

Usage

Configure the request, folder, or workspace to use OAuth 2.0 Authentication
Select the appropriate grant type for your use case
Fill in the required OAuth 2.0 parameters from your API provider
The plugin will handle the authentication flow and token management automatically

Compatibility

This plugin is compatible with OAuth 2.0 providers including:

Google APIs
Microsoft Graph
GitHub API
Auth0
Okta
And many other OAuth 2.0 compliant services