Getting Started

This guide is relevant for Ruby on Rails with ActiveRecord. It assumes you have a User model using Devise as the authentication framework.

If you want to see how doorkeeper integrates with an existing application, check out the doorkeeper-provider-app repository, which is based on this guide.


The first step is to add Doorkeeper to your project's dependencies:

bundle add doorkeeper

After that, you need to generate relevant files with:

bundle exec rails generate doorkeeper:install

This will introduce three changes:

  1. A new initializer in config/initializers/doorkeeper.rb

  2. Add doorkeeper's routes to config/routes.rb

  3. Locale files in config/locales/doorkeeper.en.yml


To generate appropriate tables, run:

$ bundle exec rails generate doorkeeper:migration
    create  db/migrate/20190324080634_create_doorkeeper_tables.rb

This migration will create all necessary tables for oAuth2 Applications, Access Grants, and Access Tokens. See the database design for more details.

NOTE: If using UUIDs instead of integer IDs, see Using PostgreSQL UUIDs as primary keys with Doorkeeper for changes you will need to make to your migration.

Integrating with existing User Model

Before executing the migration, you may want to add foreign keys to doorkeeper's tables to ensure data integrity. Go to the migration file and uncomment the lines below:

# Uncomment below to ensure a valid reference to the resource owner's table
add_foreign_key :oauth_access_grants, :users, column: :resource_owner_id
add_foreign_key :oauth_access_tokens, :users, column: :resource_owner_id

Now you're ready to run the migrations:

bundle exec rake db:migrate

As the next step, you may want to add associations to your model. If you skip this step, you'll encounter ActiveRecord::InvalidForeignKeyerror when you try to destroy the User that has associated access grants or access tokens.

class User < ApplicationRecord
  has_many :access_grants,
           class_name: 'Doorkeeper::AccessGrant',
           foreign_key: :resource_owner_id,
           dependent: :delete_all # or :destroy if you need callbacks

  has_many :access_tokens,
           class_name: 'Doorkeeper::AccessToken',
           foreign_key: :resource_owner_id,
           dependent: :delete_all # or :destroy if you need callbacks

Last updated