Custom OAuth Provider and Social Provider with TIB


I have a custom oauth provider, could I use this custom oauth provider with TIB for authenication. Then TIB allow to login the app with user information. If possible, How do I modify the TIB to handle this?

Moreover I am able to redirect to the app with TIB using google as the provider. But I got some error in the log.

What does this mean?

Also, Could I get the user information from google after I pass through the TIB?

Thank you very much.


The OAuth providers bundled with TIB are pretty specific, you would probably need to fork and clone the github OAuth handler (it’s very generic) to get the callback URLs set properly, so out of the box, no it won;t work. [There’s a generic OAuth handler branch in development] at the moment, but it isn’t hooked up yet.

It looks like you are getting the error because the dashboard credentials are incorrect in your profile configuration. you will need to ensure the Dashboard Credentials are a valid Tyk Dashboard user

Yes, TIB will generate a user object from the google info and then embed that data into the token meta_data of the token so you can inject it into the header, or look it up with the API later.

Hello Martin,

  1. this mean I can only use the listed social provider now (e.g. gplus, twitter…) or I can modify the github oauth handler to get the callback URL set properly, then the custom oauth provider should work.

  2. Solved by entering the correct Tyk Dashboard API Access Credentials.

  3. Sorry I cannot find the user object in token meta_data, any method that I can find that object and which api i can call to get the user object back.

Thank you very much.


Yes, at the moment making a custom auth handler is hard because we haven’t released a template yet. We’re building a “generic” version now, it’s in a branch on TIB, but as I said, not hooked up yet (or tested!).

TIB will add these fields if you use a matched OAuth provider, and add these fields if you are just generating a bearer token.

You can verify this by checking the token in your dashboard.

  1. As I see in this doc, is it not supporting facebook as the third party auth provider?

  2. After I check with the dashboard, I found the below metadata attached. Could I attached the username too? If possible, May I know the steps to do this?

Yeah not yet, but you can add it, gothic supports FB, we just haven’t tested it, so it isn’t bundled.

Not all providers give you a username, so we attach the user ID and access token (e.g. Google+ will provide an email, but GH won’t), that way it can be resolved by the upstream service.

Hello Martin:
We have used the tyk gateway achieved that in a POC. For Oauth2.0 API. use the social of github provider to get Access token,Successful access to the API.
Next, we expect to implement a provider of our own, like github(have login function,Authenticate user, provide scope).
Please provide guidance, what functions to implement in order to achieve Oauth2.0 with the purpose of generating Access token with TIB !
I am looking forward to you reply, thank you.