OAuth Provider

MoonStore as OAuth2.1/OIDC provider with PKCE and partner scopes.

MoonStore as OAuth Provider

MoonStore acts as an OAuth2.1 + OIDC provider so third-party stores can link a MoonStore account and call payment APIs without handling MoonStore username/password directly.

Discovery and Core Endpoints

GET  /.well-known/openid-configuration
GET  /.well-known/jwks.json
GET  /oauth/link
GET  /api/v1/oauth/authorize
POST /api/v1/oauth/token
POST /api/v1/oauth/introspect
POST /api/v1/oauth/revoke
GET  /api/v1/oauth/userinfo

Scopes

Use least-privilege scopes based on your integration surface:

  • openid profile email
  • payments.checkout
  • payments.portal
  • subscriptions.cancel
  • entitlements.read
  • events.read

  1. Send the user to https://moonstore.nanodata.cloud/oauth/link with a PKCE challenge.
  2. Exchange the authorization code at /api/v1/oauth/token.
  3. Call partner APIs with the Bearer access token.
  4. Introspect or revoke tokens server-side when needed.
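
Steps 1 and 2 on the partner side, as an added example (not MoonStore's own code). It assumes the standard RFC 6749 / RFC 7636 parameter names are what MoonStore accepts; `PARTNER_CLIENT_ID` and the redirect URI are placeholders.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

LINK_URL = "https://moonstore.nanodata.cloud/oauth/link"  # from step 1
CLIENT_ID = "PARTNER_CLIENT_ID"                           # placeholder
REDIRECT_URI = "https://partner.example/oauth/callback"   # constructed value

def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def pkce_challenge(verifier: str) -> str:
    """S256 transform from RFC 7636: BASE64URL(SHA256(verifier)), unpadded."""
    return _b64url(hashlib.sha256(verifier.encode("ascii")).digest())

def begin_link(scopes):
    """Step 1: build the redirect URL plus the secrets to keep server-side."""
    session = {"verifier": _b64url(secrets.token_bytes(32)),
               "state": _b64url(secrets.token_bytes(16))}
    query = urlencode({
        "response_type": "code",  # assumed standard parameter names
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": " ".join(scopes),
        "state": session["state"],
        "code_challenge": pkce_challenge(session["verifier"]),
        "code_challenge_method": "S256",
    })
    return f"{LINK_URL}?{query}", session

def token_request(callback_url, session):
    """Step 2: validate the callback, then build the form for /api/v1/oauth/token."""
    params = parse_qs(urlparse(callback_url).query)
    state = params.get("state", [""])[0]
    # Reject callbacks that are not bound to this user's session.
    if not hmac.compare_digest(state.encode(), session["state"].encode()):
        raise ValueError("state mismatch")
    if "error" in params or "code" not in params:
        raise ValueError("authorization failed or no code returned")
    return {"grant_type": "authorization_code",
            "code": params["code"][0],
            "redirect_uri": REDIRECT_URI,
            "client_id": CLIENT_ID,
            "code_verifier": session["verifier"]}  # never passes through the browser
```

Keep the `session` dict in server-side storage keyed to the user's session; only the challenge and `state` appear in the redirect URL.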