forgejo-docs/docs/admin/oauth2-provider.md

---
title: 'OAuth2 provider'
license: 'CC-BY-SA-4.0'
---

Forgejo can act as an instance wide OAuth2 provider. To achieve that, OAuth2 applications must be created in the `/admin/applications` page.

> **NOTE:** Third party applications obtaining a token for a user via such an application will have administrative rights. OAuth2 scopes are not yet implemented.

## Pre-registered applications

The following OAuth2 applications are pre-registered because it is generally useful for Forgejo to be an OAuth2 provider for the corresponding third party software. Their usage is explained in the [Forgejo user guide](../../user/oauth2-provider/).

- **git-credential-manager** is the name of the OAuth2 application for the [Git Credential Manager](https://github.com/git-ecosystem/git-credential-manager) (a Git [credential helper](https://git-scm.com/docs/gitcredentials#_custom_helpers))
- **git-credential-oauth** is the name of the OAuth2 application for the [git-credential-oauth](https://github.com/hickford/git-credential-oauth) (a Git [credential helper](https://git-scm.com/docs/gitcredentials#_custom_helpers))

All pre-registered applications are activated by default in the [`[oauth2].DEFAULT_APPLICATIONS`](../config-cheat-sheet/#oauth2-oauth2) setting as displayed in the `/admin/applications` page.

![pre-registered Git credential applications](../_images/admin/oauth2-provider/oauth-git-credential-server.png)
{user,admin}: oauth2-provider: pre-registered OAuth applications 2023-11-16 13:30:42 -05:00			`---`
			`title: 'OAuth2 provider'`
			`license: 'CC-BY-SA-4.0'`
			`---`

			Forgejo can act as an instance wide OAuth2 provider. To achieve that, OAuth2 applications must be created in the `/admin/applications` page.

			`> NOTE: Third party applications obtaining a token for a user via such an application will have administrative rights. OAuth2 scopes are not yet implemented.`

			`## Pre-registered applications`

Add codespell support (without CI) and make it fix some typos (#536) Per "request" of @0ko in https://codeberg.org/forgejo/forgejo/pulls/3270#issuecomment-1774032 TODOs - postponed: how to add codespell (written in Python) to CI -- separate workflow? add to some other step? to some other tool/specification? Reviewed-on: https://codeberg.org/forgejo/docs/pulls/536 Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org> Co-authored-by: Yaroslav Halchenko <debian@onerussian.com> Co-committed-by: Yaroslav Halchenko <debian@onerussian.com> 2024-05-05 10:53:04 -04:00			`The following OAuth2 applications are pre-registered because it is generally useful for Forgejo to be an OAuth2 provider for the corresponding third party software. Their usage is explained in the [Forgejo user guide](../../user/oauth2-provider/).`
{user,admin}: oauth2-provider: pre-registered OAuth applications 2023-11-16 13:30:42 -05:00
			`- git-credential-manager is the name of the OAuth2 application for the [Git Credential Manager](https://github.com/git-ecosystem/git-credential-manager) (a Git [credential helper](https://git-scm.com/docs/gitcredentials#_custom_helpers))`
			`- git-credential-oauth is the name of the OAuth2 application for the [git-credential-oauth](https://github.com/hickford/git-credential-oauth) (a Git [credential helper](https://git-scm.com/docs/gitcredentials#_custom_helpers))`

			All pre-registered applications are activated by default in the [`[oauth2].DEFAULT_APPLICATIONS`](../config-cheat-sheet/#oauth2-oauth2) setting as displayed in the `/admin/applications` page.

			`![pre-registered Git credential applications](../_images/admin/oauth2-provider/oauth-git-credential-server.png)`