Skip to content


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
OAuth PAS Plugin, OAuth 1.0 provider for Plone.

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
.gitignore Include coveralls.
README.rst Enabling usage of Travis CI
setup.cfg Paster boilerplate.
travis-4.1.x.cfg Include coveralls.



This module provides OAuth support for Zope/Plone, with the option to be extensible through the Zope Component Architecture to allow the addition of more feature-rich components. Features core to OAuth are fully supported, this includes the full OAuth authentication workflow, client (consumer) management for site managers and access token management for resource owners. Scope restriction is also supported; site managers can define content types and subpaths that are available for client usage using scope profiles, and clients can specify a list of them to better inform the resource owners of what will be accessed under their access rights.

While the test coverage is fairly complete and demonstrates that access permissions and scope restriction function as intended, the author does not currently endorse the usage of this package in a mission critical environment where absolute security is required, as there are no audits have been done on this package by security experts. Otherwise, please ensure that your users are aware of who the trusted third-party clients are and that your site's privacy and security policies are updated to fully inform your users of risks that may be associated with the usage of OAuth with this package.



This package requires Plone 4.1 or later.

Installing with buildout

You can install pmr2.oauth using buildout by adding an entry for this package in both eggs and zcml sections.




eggs =

zcml =

Run buildout, then restart the Zope/Plone instance. This package must also be activated using the Add-ons panel under Site Setup within the Plone instance where OAuth based authorization is to be used.

Further information and usage instructions

If the add-on is correctly installed and activated, an index of views made available as part of this add-on can be found at ${portal_url}/@@pmr2-oauth.

If you are upgrading from a previously installed version of this add-on, please refer to docs/UPGRADE.rst for some important information.

For more detailed information, please refer to the doctest file at pmr2/oauth/README.rst.


This add-on was created as part of the Physiome Model Repository in order to enable it to provide secured web-service access using a well supported, industry-standard authorization method for third-party clients.

Something went wrong with that request. Please try again.