Get started in 5 minutes

Quick Start Guide

This guide will walk you through setting up OAuth42 authentication in your application. You'll create an account, configure your first OAuth client, and implement authentication in minutes.

Step 1: Create Your Account

First, create your OAuth42 account to access the dashboard where you'll manage your OAuth clients and users.

  1. Visit https://app.oauth42.com
  2. Click "Sign Up" and enter your email address
  3. Verify your email address via the confirmation link
  4. Complete your profile setup

Step 2: Create Your First OAuth Client

An OAuth client represents your application in the OAuth42 system. You'll need its credentials to authenticate users.

In the Dashboard:

  1. Navigate to "OAuth Clients" in the sidebar
  2. Click "Create Client"
  3. Fill in the client details:
    • Name: Your application name (e.g., "My App")
    • Client Type: Select "Confidential" for web apps, "Public" for mobile/SPA
    • Redirect URIs: depends on your SDK:
      • Next.js (@oauth42/next): http://localhost:3000/api/auth/callback/oauth42
      • Python / Rust / generic OAuth2 clients: whatever path your callback handler listens on, e.g. http://localhost:8000/callback
  4. Click "Create" and save your Client ID and Client Secret (you won't see the secret again!)

Important Security Note

Store your Client Secret securely. Never commit it to version control or expose it in client-side code.

Step 3: Configure Client Settings

Configure your OAuth client with the appropriate settings for your use case.

Grant Types

We recommend using Authorization Code with PKCE for the best security:

  • Authorization Code + PKCE: Most secure, works for web, mobile, and SPAs
  • Client Credentials: For machine-to-machine authentication only
  • Refresh Token: Enable to get long-lived access without re-authentication
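
What the recommended Authorization Code + PKCE grant computes on each side, following RFC 7636 (S256 method). This is an added example, not code from the OAuth42 SDK or documentation; the function names are illustrative and are not OAuth42 APIs.

```typescript
import { createHash, randomBytes, timingSafeEqual } from 'node:crypto';

// RFC 7636 section 4.1: a verifier is 43-128 characters from the unreserved set.
const VERIFIER_RE = /^[A-Za-z0-9\-._~]{43,128}$/;

// Client: generate a fresh, high-entropy verifier for every authorization request.
function createCodeVerifier(): string {
  return randomBytes(32).toString('base64url'); // 32 random bytes -> 43 characters
}

// Client: derive the S256 challenge that travels on the authorization request.
function s256Challenge(verifier: string): string {
  if (!VERIFIER_RE.test(verifier)) {
    throw new Error('code_verifier must be 43-128 unreserved characters');
  }
  return createHash('sha256').update(verifier, 'ascii').digest('base64url');
}

// Authorization server: at the token endpoint, recompute the challenge from the
// presented verifier and compare it with the one stored alongside the code.
function verifierMatches(storedChallenge: string, presentedVerifier: string): boolean {
  if (!VERIFIER_RE.test(presentedVerifier)) return false;
  const expected = Buffer.from(storedChallenge, 'ascii');
  const actual = Buffer.from(s256Challenge(presentedVerifier), 'ascii');
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  return expected.length === actual.length && timingSafeEqual(expected, actual);
}

// Constructed walk-through of one flow; no network calls are made.
function demoFlow() {
  const verifier = createCodeVerifier(); // stays with the client
  const challenge = s256Challenge(verifier);
  const authQuery = new URLSearchParams({
    response_type: 'code',
    code_challenge: challenge,
    code_challenge_method: 'S256',
  }).toString();
  return {
    authQuery,
    // The client that started the flow redeems the code with its verifier.
    originalClient: verifierMatches(challenge, verifier),
    // A redemption attempt without that verifier is refused.
    otherParty: verifierMatches(challenge, createCodeVerifier()),
  };
}

console.log(demoFlow());
```

Because only the challenge appears on the redirect, an authorization code on its own cannot be redeemed; the verifier must be kept in the session that started the flow.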

Scopes

Configure which permissions your application will request:

  • openid: Required for OIDC authentication
  • profile: Access to user profile info
  • email: Access to user email address
  • offline_access: Enables refresh tokens

Step 4: Implement Authentication

Now let's implement OAuth2 authentication in your application.

This quickstart uses our Next.js SDK (@oauth42/next), which wraps NextAuth.js. For a full walkthrough including middleware-based token refresh and sign-in pages, see the Next.js tutorial.

1. Install the SDK

npm install @oauth42/next next-auth

2. Set your env vars

# .env.local
OAUTH42_CLIENT_ID=your_client_id
OAUTH42_CLIENT_SECRET=your_client_secret
OAUTH42_ISSUER=https://auth.oauth42.com
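# Generate once with `openssl rand -base64 32` and paste the output here;
# .env files do not execute $(...), so the command itself must not be the value.
NEXTAUTH_SECRET=your_generated_secret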
NEXTAUTH_URL=http://localhost:3000

3. Wire up the NextAuth route handler

NextAuth consumes requests to /api/auth/*, including the callback at /api/auth/callback/oauth42 — which is the exact path you registered as a Redirect URI in Step 2.

// app/api/auth/[...nextauth]/route.ts
import { createAuth } from '@oauth42/next/server';

const { handlers } = createAuth({
  cookiePrefix: 'oauth42-app',
});

export const { GET, POST } = handlers;

4. Add middleware for automatic token refresh

// middleware.ts
import { withOAuth42Auth } from '@oauth42/next/middleware';

export default withOAuth42Auth({
  cookiePrefix: 'oauth42-app',
  publicPaths: ['/api/auth', '/auth'],
});

5. Sign users in

'use client';
import { signIn, useSession } from 'next-auth/react';

export default function LoginButton() {
  const { data: session } = useSession();

  if (session) return <p>Signed in as {session.user?.email}</p>;

  return (
    <button onClick={() => signIn('oauth42', { callbackUrl: '/dashboard' })}>
      Sign in with OAuth42
    </button>
  );
}

Step 5: Test Your Integration

Now that you've implemented the authentication flow, let's test it:

  1. Start your application locally
  2. Navigate to your login route (e.g., /login)
  3. You should be redirected to the OAuth42 authorization page
  4. Sign in with your OAuth42 account
  5. Grant the requested permissions
  6. You'll be redirected back to your application with an authorization code
  7. Your application will exchange the code for access tokens
  8. You should now see the user information logged in your console

Success!

You've successfully integrated OAuth42 authentication! Your users can now securely sign in to your application.

Need Help?

If you're stuck or have questions, we're here to help!