Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Portier authentication support for Kinto

travis Coverage

kinto-portier enables authentication in Kinto applications using an email address.

It provides:

  • An authentication policy class;
  • Integration with Kinto cache backend for token verifications;
  • Integration with Kinto for heartbeat view checks;
  • Some optional endpoints to perform the OAuth dance (optional).
  • Kinto documentation
  • Issue tracker


Install the Python package:

pip install kinto-portier

Include the package in the project configuration:

kinto.includes = kinto_portier

And configure authentication policy using pyramid_multiauth formalism:

multiauth.policies = portier
multiauth.policy.portier.use = kinto_portier.authentication.PortierOAuthAuthenticationPolicy

By default, it will rely on the cache configured in Kinto.


Fill those settings with the values obtained during the application registration:

kinto.portier.broker_url =
kinto.portier.webapp.authorized_domains = *
# kinto.portier.cache_ttl_seconds = 300
# kinto.portier.state.ttl_seconds = 3600

Login flow

OAuth Bearer token

Use the OAuth token with this header:

Authorization: Portier <jwt_token>
notes:If the token is not valid, this will result in a 401 error response.