OAuth
Pore v0 authenticates clients with tenant-scoped API keys. OAuth 2.0 support is a v0.5 surface for integrations that act on behalf of end users.
Planned flows
Section titled “Planned flows”- Authorization Code with PKCE — for public clients.
- Client Credentials — for machine-to-machine integrations that do not act on behalf of a user.
Planned endpoints
Section titled “Planned endpoints”GET /v1/oauth/authorize— initiate the flow.POST /v1/oauth/token— exchange code for token; refresh tokens.POST /v1/oauth/revoke— revoke a token.GET /v1/oauth/introspect— token introspection per RFC 7662.
Scopes
Section titled “Scopes”The same scope mask that applies to API keys (check:read, grant:write,
admin) will apply to OAuth tokens.
Refer to this page after the v0.5 release for endpoint shapes and integration guidance.