{
  "$type": "site.standard.document",
  "description": "Build support for OAuth into IO.",
  "path": "/decisions/oauth/",
  "publishedAt": "2025-03-05T00:00:00Z",
  "site": "at://did:plc:bnr33h7nafe5nk4zzlshvana/site.standard.publication/3mnb3xdhll227",
  "tags": [
    "IO",
    "OAuth"
  ],
  "textContent": "IO ingresses support OAuth authentication. Client configuration is provided in host blocks, and IO intercepts all OAuth-related paths to handle signin and token management. Instead of passing tokens directly to backends, IO provides a session token that backends can send with their Calling Mode requests and IO will automatically apply the appropriate authorization token. Pros This offloads a tedious and common challenge for application developers. OAuth can be used by backend applications in any language. Cons Configuration is a bit complex and currently is only supported in HCL. ",
  "title": "Build OAuth Support"
}