mOAuth A Basic OAuth 2.0 Client/Server Implementation

Version Apache 2.0 Build Coverity Scan Status LGTM Grade LGTM Alerts

mOAuth is a basic OAuth 2.0 client/server implementation designed for testing and development of OAuth-based services. The client library supports authorization of native macOS, iOS, and Linux applications with PKCE. The server is both an Authorization Server and a Resource Server that supports:

  • User account authentication/authorization using PAM
  • Traditional web-based authorization grants with redirection as well as resource owner password credentials grants
  • Token introspection for services
  • Basic Resource Server functionality with implicit and explicit ACLs
  • Customizable web interface


mOAuth requires CUPS 2.2 or later for its HTTPS support. If you are compiling from source you’ll need a C compiler (GCC and clang are fine) and a make program that supports the “include” directive (like GNU make).

Standards Implemented

The specific standards mOAuth currently implements are:

Copyright © 2017-2019 by Michael R Sweet.

mOAuth is licensed under the Apache License Version 2.0 with an exception to allow linking against GPL2/LGPL2 software (like older versions of CUPS). See the files “LICENSE” and “NOTICE” for more information.


mOAuth v1.1 January 19, 2019

mOAuth v1.0 January 15, 2019