Auth Service

Stateless OAuth2 authentication with Google, issuing RS256-signed JWTs

What is this?

This is a centralized authentication service that handles login with Google and issues secure JSON Web Tokens (JWTs). Applications validate tokens locally using public keys, without needing database access.

Key features:

Sign in with Google OAuth2
RS256-signed JWTs for secure, decentralized token validation
Cookie-based auth for subdomains, or token-based for external apps
Public JWKS endpoint for token verification

Available Endpoints

GET /login - Start authentication flow

GET /logout - Clear auth cookie

GET /userinfo - Get current user info

POST /refresh - Refresh token

GET /.well-known/jwks.json - Public keys for JWT validation

Documentation & Source

Learn how to integrate this auth service into your applications.

Integration Guide GitHub Repository