Skip to content
Switch branches/tags

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time


A Haskell implementation of OpenID Connect.

Build Status


The easiest option is to use stack, particularly if you are new to Haskell. Follow the instructions to download and install stack (just adding the stack binary to your path), then

$ git clone
$ cd broch

If you don't already have a compatible ghc version installed, you can get stack to install one by running

$ stack setup

To build the project run

$ stack build

Running with SQLite

If all goes well you can then run the command-line server, and start it with a sqlite database

$ stack exec broch -- --help
$ stack exec broch -- --back-end=SQLITE --issuer=http://localhost:3000

The SQLite database creates a broch.db3 file for the database. It automatically creates the schema and adds a test user (username: "cat", password: "cat") and a client called "app". You should then be able to paste the following authorization request into your browser


After logging in, you will be redirected to the client app URL with a code parameter. This will give a 404, since the client isn't actually running, but you can use a utility like curl to mimic the client's interaction with the token endpoint and exchange the code for an access token.

PostgresSQL Backend

By default, broch uses a PostgresSQL database for storage. Version 9.5 or greater is required. There are two initialization scripts, pgdb.sql and user.sql which create the required schema. For a real deployment, you would run postgres as a system service running in the background, but you can also run it manually.

First create a directory to store the data and initialize it, then start the database

$ initdb brochdb
$ pg_ctl -D ./brochdb start

Then we run the psql client, create a new database and run the initialization scripts

$ psql -u postgres

postgres=# create database broch;
postgres=# \connect broch
broch=# \i pgdb.sql
broch=# \i user.sql
broch=# \q

You should then have a database the server can run against, as well as the same test user and client application as for SQLite. The default connection string is dbname=broch so it should work with the database we just created.

$ stack exec broch -- --issuer=http://localhost:3000


OAuth2 and OpenID Connect in Haskell





No releases published


No packages published