OAuth2 goodies for the Djangonauts!
Clone or download
ziXet and jleclanche - use "source_refresh_token" for getting the refresh_token of an acce…

- add an assertion for checking if it's returning the same refresh_token for the grace period or not.
Latest commit 4a8e1c5 Oct 30, 2018


Django OAuth Toolkit


OAuth2 goodies for the Djangonauts!

https://badge.fury.io/py/django-oauth-toolkit.png Build Status Coverage Status
If you are facing one or more of the following:
  • Your Django app exposes a web API you want to protect with OAuth2 authentication,
  • You need to implement an OAuth2 authorization server to provide tokens management for your infrastructure,

Django OAuth Toolkit can help you providing out of the box all the endpoints, data and logic needed to add OAuth2 capabilities to your Django projects. Django OAuth Toolkit makes extensive use of the excellent OAuthLib, so that everything is rfc-compliant.


We love contributions, so please feel free to fix bugs, improve things, provide documentation. Just follow the guidelines and submit a PR.

Reporting security issues

Please report any security issues to the JazzBand security team at <security@jazzband.co>. Do not file an issue on the tracker.


  • Python 3.4+
  • Django 2.0+


Install with pip:

pip install django-oauth-toolkit

Add oauth2_provider to your INSTALLED_APPS


If you need an OAuth2 provider you'll want to add the following to your urls.py. Notice that oauth2_provider namespace is mandatory.

urlpatterns = [
    url(r'^o/', include('oauth2_provider.urls', namespace='oauth2_provider')),




The full documentation is on Read the Docs.


django-oauth-toolkit is released under the terms of the BSD license. Full details in LICENSE file.