OAuth 2.0 support for secure API access

Enterprise customers can now use OAuth 2.0 to securely connect apps and scripts to Sourcegraph APIs with support for OIDC, PKCE, device auth, and M2M tokens.

Enterprise customers can now use OAuth 2.0 to securely connect apps and scripts to Sourcegraph APIs, just like you would with GitHub or GitLab. This includes full support for OIDC, PKCE, device auth, and M2M tokens.

With short-lived access tokens, your tools can act on behalf of users, making it easier to build custom automations and workflows on top of Sourcegraph. If you’ve been blocked from integrating because auth was missing or hard to manage, this clears the path.

Admins can create OAuth clients under Site admin > OAuth clients and use them to integrate with Sourcegraph via standard OAuth procedures.