OAuth2 Client Registration


For Wordpress we highly recommend the miniOrange WordPress OAuth Client plugin see their Setup Guide and Video Tutorial

Clients (applications which wish to connect to sheepAuth to authenticate users) need to register their applications and collect digital keys.


sheepCRM admin user account required. (If you don’t have an admin account please contact us and we will configure on your behalf)

  1. Navigate to https://auth.sheepcrm.com/o/applications/

  2. Register the Client

Client Name

is human readable name that will be used to show a message like “{Client Name}” wants to access your information

Client Type

choose confidential

Authorization grant type

choose Authorization code

Redirect URIs

(please provide just one) this is the callback that will retrieve an access token; it must be a valid URL and include https:// (Your website plugin or system will tell you the value to use.)


the sheepCRM database identifier (required unless the client for multiple Sheep databases).


A secure url (https) link to a square logo. This will be used as part of the login process

Security Policy

A secure url (https) link to the security policy for your application.

Terms and Conditions

A secure url (https) link to the terms and conditions for your application.

Your contact details

These details will not be made public but will be used by sheepCRM to communicate with you about your integration.

  1. A client ID and secret are returned - keep these safe.

  2. Use the client ID and secret to configure the OAuth client





user infomation


token url method


Available Scopes to request


view your profile information: first_name, last_name, photo,


update your profile


view your membership information: active_member, membership_type, membership_start_date, membership_end_date


Introspect token scope

authorization optional parameters:


your sheep database identifier (this is required if the client is for multiple Sheep databases)


force - users are always prompted for authorization. auto - users are prompted only the first time, subsequent authorizations for the same application and scopes will be automatically accepted.


Digital Ocean provide a great tutorial that explains how OAuth works. https://www.digitalocean.com/community/tutorials/an-introduction-to-oauth-2