OAuth

Last updated on March 24, 2021

OAuth is an authentication standard which is widely used to grant permission to access websites and APIs without having to share a user’s password directly.

For the purposes of Moa, OAuth is used by Mastodon (and Mastodon-compatible systems like Pleroma), Twitter, and Instagram. Moa requests access to your accounts on those services on your behalf. OAuth tokens are stored in the Moa database, and you can revoke them at any time.

The OAuth 2.0 standard IETF RFC6749 replaced the 1.0 version in October 2012.

The oauth.net site has excellent background info, including the introduction and history page.

Resources

Twitter OAuth FAQ
Mastodon OAuth Docs
Instagram API Endpoint - OAuth Access Token

Notes mentioning this note

Part of server code, available at moa.party/privacy. This moaparty.com website is a static website, details in the [[Colophon]].

Support Pleroma

We’ve had a request to support [[Pleroma]]. Reports are that it doesn’t work with Moa currently, which is likely due...