Child pages
  • OAuth2 Module - for Implementors

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.

Quick Introduction

The OpenMRS OAuth2 Module converts any OpenMRS installation into an OAuth Provider. It is based on the OAuth2 protocol and uses Spring Security and Spring Security OAuth2.


When modules are installed in OpenMRS,  the filters are loaded in the order of installation. Therefore make sure that there are so such conflicts when installing the OAuth2 module and OAuth2 module's filters (spring security filter chain) are loaded before filters of protected modules.

Database Structure

Upon successful installation the following tables will be added to the database :

S.noTable NameDescription
1oauth2_clientstores basic information about registered clients
2oauth2_client_authoritiesstores the granted authorities for registered clients (ROLE_CLIENT for now)
3oauth2_client_grant_typesstores authorization grant types for registered clients
4oauth2_client_redirect_uristores redirect_uri's for registered clients
5oauth2_client_resource_idsstores the permitted resource id's for registered clients
6oauth2_client_scopesstores the scope for registered clients
7oauth_access_tokenstores access_tokens for each client. will be deprecated
8oauth_client_tokenstores access tokens
9oauth_codemaintains authorization code
10oauth_refresh_tokenmaintains refresh tokens

Manage Client Developers

Client Developers are those users of an OpenMRS installation that develop OAuth2 clients i.e applications that use OpenMRS's web services protected by the OAuth2 module. At present, all users are allowed to register OAuth2 clients (via the REST controller). This will be changing soon. Only users with proper roles and permissions (client_developer) will be allowed to register 

Manage Clients 

The admins of OpenMRS instance will be see a list of all registered clients. 

To manage clients using REST Controller see this