Preconfigured all-in-one servers

A pre configured server is an all-in-one endpoint serving a specific class of application clients. As the individual endpoints, they depend on the use of a Request Validator.

Construction is simple, only import your validator and you are good to go:

from your_validator import your_validator
from oauthlib.oauth2 import WebApplicationServer

server = WebApplicationServer(your_validator)

If you prefer to construct tokens yourself you may pass a token generator (see

Tokens for more examples like JWT)

def your_token_generator(request, refresh_token=False):
    return 'a_custom_token' + request.client_id

server = WebApplicationServer(your_validator, token_generator=your_token_generator)

This function is passed the request object and a boolean indicating whether to generate an access token (False) or a refresh token (True).

class oauthlib.oauth2.Server(request_validator, token_expires_in=None, token_generator=None, refresh_token_generator=None, *args, **kwargs)[source]: An all-in-one endpoint featuring all four major grant types and extension grants.

class oauthlib.oauth2.WebApplicationServer(request_validator, token_generator=None, token_expires_in=None, refresh_token_generator=None, **kwargs)[source]: An all-in-one endpoint featuring Authorization code grant and Bearer tokens.

class oauthlib.oauth2.MobileApplicationServer(request_validator, token_generator=None, token_expires_in=None, refresh_token_generator=None, **kwargs)[source]: An all-in-one endpoint featuring Implicit code grant and Bearer tokens.

class oauthlib.oauth2.LegacyApplicationServer(request_validator, token_generator=None, token_expires_in=None, refresh_token_generator=None, **kwargs)[source]: An all-in-one endpoint featuring Resource Owner Password Credentials grant and Bearer tokens.

class oauthlib.oauth2.BackendApplicationServer(request_validator, token_generator=None, token_expires_in=None, refresh_token_generator=None, **kwargs)[source]: An all-in-one endpoint featuring Client Credentials grant and Bearer tokens.

class oauthlib.oauth2.DeviceApplicationServer(request_validator: RequestValidator, verification_uri: str, interval: int = 5, verification_uri_complete: str | None = None, user_code_generator: Callable[[None], str] = None, **kwargs)[source]: An all-in-one endpoint featuring Authorization code grant and Bearer tokens.