Open Authorization (OAuth) is an authorization protocol that acts as an intermediary and facilitates secure access to third-party applications without sharing user credentials, thereby protecting specific resources. Instead of usernames and passwords, OAuth uses tokens, serving as temporary access keys. Rocket.Chat offers integrations with various providers such as Google, Apple, and GitHub. This provides flexibility and security so users can log in with any of these credentials. You can also configure custom OAuth methods.
This section guides you through the required configuration details of each supported method.
Key features of OAuth integration
Controlled access: With the authentication methods, you can decide which user data the workspace can access.
Single Sign-On (SSO): Users can sign in to the workspace without creating new usernames and passwords.
Flexibility: You can choose the authentication methods you want to implement in your workspace from the list of available options. Furthermore, you can also set up your own custom OAuth methods in your Rocket.Chat workspace.
Set up your OAuth method
Go to Manage → Workspace → Settings → OAuth. You can view a list of some OAuth methods that are supported by Rocket.Chat, including Google, GitHub, LinkedIn, etc. Select the method that meets your needs and provide the configuration parameters. Refer to the sub-sections where we go into the details of each method.
Refresh OAuth services
To update the options shown on your workspace login page based on your saved settings, click Refresh OAuth Services.
OAuth apps will have full access to user accounts, including the ability to perform any action on behalf of the user. You must proceed carefully while logging in and refuse access if you don’t trust the OAuth app.
Add custom OAuth
Click Add custom OAuth to set up a custom OAuth integration with an identity provider that is not in the list of supported OAuth methods, for example, Auth0. See the Custom OAuth Setup guide for setup steps.
You can also create and manage OAuth apps using the REST API endpoints. See the Create OAuth App endpoint for details.