Skip to main content


Auth 2.0 generates access tokens for API authorization scenarios.

To see the reference documentation, please login.

High-end solutions

OAuth 2.0 focuses on client developer simplicity while providing specific authorization flows for your applications.

Speed of light

The OAuth 2.0 authorization framework is a protocol that allows a user to grant a third-party web site or application access to the user's protected resources, without necessarily revealing their long-term credentials or even their identity.

Industry standards

OAuth 2.0 is the industry-standard protocol for authorization.

Release Notes

Version 1.3.1

  • /token endpoint can result 400 status code with "invalid_grant" error message if requested oauth scope is not configured in oauth client profile.

  • /token and /auth endpoint accept optional x-api-key http header.

Logo of Empower Retirement