PHPackages                             arckinteractive/elgg\_oauth\_sso - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. arckinteractive/elgg\_oauth\_sso

ActiveElgg-plugin[Authentication &amp; Authorization](/categories/authentication)

arckinteractive/elgg\_oauth\_sso
================================

Allows other sites/services to implement SSO using the Elgg as the source of truth for user info

1.0.0(5y ago)111PHPPHP &gt;=5.5

Since Jun 11Pushed 5y ago2 watchersCompare

[ Source](https://github.com/arckinteractive/elgg_oauth_sso)[ Packagist](https://packagist.org/packages/arckinteractive/elgg_oauth_sso)[ RSS](/packages/arckinteractive-elgg-oauth-sso/feed)WikiDiscussions master Synced today

READMEChangelog (1)Dependencies (2)Versions (2)Used By (0)

Oauth Server
------------

[](#oauth-server)

Allows other sites to use the elgg server as an oauth identity manager

1. Register a new application at `/admin/applications`
2. Authorize the user by having them log in at `[url]/oauth/authorize?client_id=xxxxxxxx&state=xxxxxxxx&response_type=code&scope=user` where client\_id is the generated id of the application, and the state is a random string to prevent CSRF attacks
3. The user will log in if necessary and authorize the application
4. The user will be redirected back to the redirect\_uri with the original state in a query param and a code: `[redirect_uri]?state=xxxxxx&code=xxxxxxxx`
5. Make a POST request to `/oauth/token` with body params of

```
    {
        client_id: xxxxxxxx,
        client_secret: xxxxxxx,
        grant_type: 'authorization_code',
        redirect_uri: 'https://xxxxxxxxxxxxx',
        code: xxxxxxxxxx
    }

```

6. The result will be an access token

```
    {
        "access_token": "369e27dae447d3856fc538a217536b186cea1bc3",
        "expires_in": 3600,
        "token_type": "Bearer",
        "scope": "user",
        "refresh_token": "3c706473a576815c503a119626d674331becc4c8"
    }

```

7. The access token in the header: `Authorization: Bearer 369e27dae447d3856fc538a217536b186cea1bc3` for future OAuth api calls
8. Retrieve the user info from the GET endpoint `/oauth/api/me`

```
    {
        "name": "Matt Beckett",
        "username": "mbeckett",
        "email": "matt@arckinteractive.com"
    }

```

9. Use the refresh token to get a fresh access token if necessary, make a POST request to `/oauth/token` with body params of

```
    {
        client_id: xxxxxxxx,
        client_secret: xxxxxxx,
        grant_type: 'refresh_token',
        refresh_token: xxxxxxxxxx
    }

```

###  Health Score

23

—

LowBetter than 27% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity7

Limited adoption so far

Community8

Small or concentrated contributor base

Maturity50

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Unknown

Total

1

Last Release

2160d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/55be67f1fa6d239b8d4b8e2bf01947571c33373a664a4f8b88433177e54ad64e?d=identicon)[beck24](/maintainers/beck24)

---

Top Contributors

[![beck24](https://avatars.githubusercontent.com/u/738363?v=4)](https://github.com/beck24 "beck24 (2 commits)")

### Embed Badge

![Health badge](/badges/arckinteractive-elgg-oauth-sso/health.svg)

```
[![Health](https://phpackages.com/badges/arckinteractive-elgg-oauth-sso/health.svg)](https://phpackages.com/packages/arckinteractive-elgg-oauth-sso)
```

###  Alternatives

[markstory/acl_extras

Additional tools for managing DB ACL in CakePHP applications.

155311.0k](/packages/markstory-acl-extras)[rainlab/user-plugin

User plugin for October CMS

11954.3k13](/packages/rainlab-user-plugin)[stuttter/wp-user-signups

The best way to manage user &amp; site sign-ups in WordPress

46208.9k5](/packages/stuttter-wp-user-signups)[winter/wn-user-plugin

User plugin for Winter CMS

1233.5k13](/packages/winter-wn-user-plugin)[rainlab/userplus-plugin

User plus plugin for October CMS

168.8k2](/packages/rainlab-userplus-plugin)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)