Create an OAuth Provider


Before you can get started using OAuth, you’ll need to either create or choose an OAuth authorization server (aka “provider”). Social media sites such as Facebook and Google each provide their own authorization server. This is convenient if your users already have login credentials for those sites, but is less than ideal if you’d rather control the user management yourself. In that case, you can use Oauth.Us to create your own authorization server.

Create the Provider


First, log in to Oauth.Us and navigate to the providers page. Click the “New Provider” link. You should then be redirected to a page where you can fill out important information about your new provider.

[Screenshot: the new provider screen]

Before you can actually instantiate your provider, you’ll need to specify what sort of hardware you want the provider to run on. All Oauth.Us providers run in your own private AWS environment. This means that you’ll need your own AWS account, and you’ll need to provide your AWS keys so that Oauth.Us can interact with your account.

For evaluation purposes, you can use the t2.micro instance. For new AWS users, this instance is also free for a limited time.

After selecting the instance type, you’ll also need to specify how much storage you want to use. For smaller deployments, select the 8GB storage.

Now you’ll need to specify what sort of network environment the provider should run in. If you’ve never used AWS before, this step may seem confusing. Basically, a VPC defines a network of machines (think along the lines of a corporate network). Subnets are smaller groups of machines contained within a VPC.

For new Oauth.Us providers, you probably want to select the default “new VPC” and “new subnet” options.

You’re finally ready to launch the instance! It will take a few minutes after pressing “launch” for your provider to be ready.

Connecting


Each new provider has a built-in administrative portal. Once the provider is running, click on “Admin Portal”. Then log in using your Oauth.Us handle and the default administrative password (see customizations).

Provider Applications


Each Oauth.Us provider comes with several pre-built applications. Each application resides on its own port, so that it’s easy to remember.

  • The administrative portal enables administrative users to add users, applications, and endpoints. The portal runs on port 80.
  • The user portal enables regular users to update their profile information. The user portal runs on port 9998.
  • The authorization server issues and validates tokens, and runs on port 8080.

To reach these applications, simply combine the provider’s IP address with the correct port.
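
A post-launch check for the steps above, as an added example (not Oauth.Us code): it polls the three ports listed on this page until each accepts a TCP connection, which covers the few minutes a new provider takes to become ready. The `http` scheme, the function names, and the timeout values are assumptions.

```python
import ipaddress
import socket
import time

# Ports as listed on this page; the "http" scheme below is an assumption.
PROVIDER_APPS = {
    "admin portal": 80,
    "user portal": 9998,
    "authorization server": 8080,
}


def app_url(ip, port, scheme="http"):
    """Combine the provider's IP address with an application's port."""
    addr = ipaddress.ip_address(ip)  # raises ValueError for anything that is not an IP
    host = f"[{addr}]" if addr.version == 6 else str(addr)
    default = {"http": 80, "https": 443}.get(scheme)
    return f"{scheme}://{host}/" if port == default else f"{scheme}://{host}:{port}/"


def port_open(ip, port, timeout=3.0):
    """Return True if a TCP connection to ip:port succeeds within timeout."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


def wait_for_provider(ip, apps=PROVIDER_APPS, deadline=300.0, interval=10.0):
    """Poll until every application accepts connections or the deadline passes.

    Returns {name: (url, reachable)} so the caller can see which app is lagging.
    """
    stop = time.monotonic() + deadline
    while True:
        status = {n: (app_url(ip, p), port_open(ip, p)) for n, p in apps.items()}
        if all(ok for _, ok in status.values()) or time.monotonic() >= stop:
            return status
        time.sleep(interval)


if __name__ == "__main__":
    import sys
    for name, (url, ok) in wait_for_provider(sys.argv[1]).items():
        print(f"{'up  ' if ok else 'DOWN'}  {name:22} {url}")
```

Run it with the provider's IP address as the only argument; an application still marked DOWN after the deadline usually means the instance is not ready or the port is not reachable from your network.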

Next Steps


Now that you have your own OAuth authorization server, you’ll need to log in to the administrative portal. Just type the provider’s IP address into your browser.

Once logged in, you should see various links to add users, register endpoints, and create client applications.