OAuth applications allow you to create client credentials for third-party applications that need to authenticate users via OAuth 2.0 on your Mighty Network. This is useful when you want to build custom integrations or allow external apps to access your network’s Headless API on behalf of your members.
OAuth applications are available on the Scale Plan and above.

Access OAuth applications settings

  1. Go to Admin from the main navigation
  2. Navigate to Settings > OAuth Applications

Create a new OAuth application

1. Open the creation dialog

Click the New OAuth Application button.
2. Enter application details

Fill in the required fields:
  • Application Name: A descriptive name to identify the application (e.g., “Mobile App”, “CRM Integration”)
  • Redirect URI: The callback URL where users are sent after authorization (e.g., https://myapp.com/oauth/callback). You can enter multiple URIs separated by newlines
3. Select scopes

Choose the permissions your application needs. Scopes are divided into two categories.
Host scopes grant access to manage network-level content:
  • host:read:network_events — View events in the network
  • host:read:network_spaces — View spaces in the network
  • host:read:network_members — View members in the network
  • host:read:network_plans — View plans in the network
  • host:read:network_posts — View posts in the network
Member scopes grant access to member-level actions:
  • read:posts — View posts the user has created
  • read:courses — View courses and course progress
  • read:search — Search network content on the user’s behalf
  • write:posts — Create, edit, and delete posts on the user’s behalf
  • write:comments — Create, edit, and delete comments on the user’s behalf
Host scopes can only be authorized by users who are hosts on your network. If a non-host user tries to authorize an application that requests host scopes, the authorization will be denied. Each scope is flagged as host-only or member-level in the application settings.
4. Choose the client type

  • Confidential client (checked by default): Use for server-side applications that can securely store a client secret
  • Public client (unchecked): Use for native or single-page applications where the client secret cannot be kept secure. Public clients require PKCE (Proof Key for Code Exchange) for security
5. Save the application

Click Create. Your application’s Client ID and Client Secret are displayed on the application card.
Copy and securely store the Client Secret immediately. You can reveal it later, but treat it like a password — never expose it in client-side code or version control.
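
For a public client registered as in step 4, the sketch below shows how the app could generate the PKCE (RFC 7636, S256) verifier and challenge and build an authorization request using scopes from this page. It is an added example, not Mighty Networks code. The authorize URL and client ID are placeholders, and the exact-match redirect URI pre-check and the helper names are assumptions.

```python
import base64
import hashlib
import secrets
from urllib.parse import urlencode

# Placeholder (assumption), not a real Mighty Networks endpoint.
AUTHORIZE_URL = "https://network.example/oauth/authorize"

# Host-only scopes as listed on this page.
HOST_SCOPES = {
    "host:read:network_events", "host:read:network_spaces",
    "host:read:network_members", "host:read:network_plans",
    "host:read:network_posts",
}

def b64url(data):
    """Base64url without padding, as RFC 7636 requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def challenge_for(verifier):
    """S256 transform: BASE64URL(SHA256(ASCII(code_verifier)))."""
    return b64url(hashlib.sha256(verifier.encode("ascii")).digest())

def new_pkce_pair():
    """Return (code_verifier, code_challenge); the verifier never leaves the app."""
    verifier = b64url(secrets.token_bytes(32))  # 43 chars, within the 43-128 range
    return verifier, challenge_for(verifier)

def needs_host(scopes):
    """True if any requested scope is host-only (a non-host user would be denied)."""
    return any(s in HOST_SCOPES for s in scopes)

def build_authorization_request(client_id, redirect_uri, registered_uris, scopes):
    """Build the authorize URL for a public client; returns (url, verifier, state)."""
    # Registered URIs are entered one per line; pre-check by exact string match.
    allowed = [u.strip() for u in registered_uris.splitlines() if u.strip()]
    if redirect_uri not in allowed:
        raise ValueError("redirect_uri is not registered for this application")
    verifier, challenge = new_pkce_pair()
    state = secrets.token_urlsafe(16)  # compared again when the callback arrives
    query = urlencode({
        "response_type": "code", "client_id": client_id,
        "redirect_uri": redirect_uri, "scope": " ".join(scopes), "state": state,
        "code_challenge": challenge, "code_challenge_method": "S256",
    })
    return f"{AUTHORIZE_URL}?{query}", verifier, state
```

The app keeps the returned verifier and state locally and sends the verifier only in the later token request, so an intercepted authorization code cannot be redeemed without it.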

View your OAuth applications

All registered OAuth applications are listed on the OAuth Applications settings page. Each application card displays:
  • Application name
  • Client ID — The public identifier used in OAuth flows (with a copy button)
  • Client Secret — Displayed only for confidential clients (with reveal/hide and copy buttons)
  • Redirect URI — The registered callback URL
  • Type — Either “Confidential” or “Public (PKCE required)”
  • Scopes — The permissions granted to the application

Edit an OAuth application

  1. Click the pencil icon on the application card you want to edit
  2. Update the name, redirect URI, scopes, or client type
  3. Click Save

Delete an OAuth application

  1. Click the trash icon on the application card
  2. Confirm the deletion in the dialog
Deleting an OAuth application is permanent and cannot be undone. Any integrations using this application’s credentials will immediately stop working.
