Ogin

Open authentication for the modern web.

A universal OAuth 2.1 identity provider — any app can integrate with Ogin to let users sign in securely, with no application review required.

Get Started Learn More

How It Works

1

Register Your App

Use dynamic client registration or call our API. No approval process — just redirect URIs.

2

Users Authorize

Users see a clear consent screen. Verified domains display trusted branding, unverified show a "Test" badge.

3

Secure Tokens

OAuth 2.1 with PKCE. All tokens hashed, user props end-to-end encrypted. No secrets stored.

Domain Verification

Verify your domain with a single TXT record to unlock trusted branding on the consent screen.

_ogin.yourdomain.com TXT "ogin-verify=..."

Unverified apps still work — they just display a "Test Mode" indicator during authorization.

For Developers

Standard OAuth 2.1

Compatible with any OAuth client library. Supports authorization code flow with PKCE.

Discovery Endpoint

/.well-known/oauth-authorization-server — auto-configure your client.

Dynamic Registration

Register clients programmatically via /oauth/register. No manual setup.

User Control

Users can review and revoke any app's access from their dashboard at any time.