Authentication in Oxy

Oxy provides flexible authentication options for both local and cloud mode deployments. Authentication supports both single-user local development environments and multi-tenant cloud deployments.

Quick Start

Choose the authentication method that best fits your needs:

Email & Password

Built-in authentication with SMTP verification. No external dependencies required.

Google OAuth

Social login with Google accounts. One-click sign-in for users.

Okta OAuth

Enterprise SSO integration with Okta Identity Cloud.

API Keys

Programmatic access for automation and integrations.

Authentication Modes

Built-in Authentication

Self-contained authentication with multiple sign-in options:

Method	Setup Complexity	Best For	Documentation
Email/Password	🟢 Low	Quick start, full control	View Guide
Google OAuth	🟡 Medium	Social login, zero password management	View Guide
Okta OAuth	🟡 Medium	Enterprise SSO, existing Okta deployment	View Guide

Quick Configuration:

# Email/Password only
export SMTP_USER=noreply@yourdomain.com
export SMTP_PASSWORD=your_smtp_password

# Add Google OAuth
export GOOGLE_CLIENT_ID=your_client_id.apps.googleusercontent.com
export GOOGLE_CLIENT_SECRET=your_client_secret

# Add Okta OAuth
export OKTA_CLIENT_ID=your_okta_client_id
export OKTA_CLIENT_SECRET=your_okta_client_secret
export OKTA_DOMAIN=your-domain.okta.com

# Start Oxy (works in both local and cloud mode)
oxy serve --port 3000

Multiple Authentication Methods

You can enable multiple authentication methods simultaneously. Users will see all available sign-in options and can choose their preferred method:

# Enable all built-in methods
export SMTP_USER=noreply@yourdomain.com
export SMTP_PASSWORD=your_smtp_password
export GOOGLE_CLIENT_ID=your_google_client_id
export GOOGLE_CLIENT_SECRET=your_google_client_secret
export OKTA_CLIENT_ID=your_okta_client_id
export OKTA_CLIENT_SECRET=your_okta_client_secret
export OKTA_DOMAIN=your-domain.okta.com

oxy serve

Authentication

​Authentication in Oxy

​Quick Start