An official website of the United States government US flag signifying that this is a United States federal government website identity provider identity provider

You can leverage’s identity hub to reduce the burden of authenticating users from government agencies and partners in your app.


Plan Name Description Price
oauth-client OAuth2 client credentials for authenticating users in your app Free

How to create an instance

To create a service instance, run the following command:

cf create-service cloud-gov-identity-provider oauth-client my-uaa-client \
  -c '{"redirect_uri": [""]}'

By default, identity provider service instances use the openid scope. You can request custom scopes using the scopes option:

cf create-service cloud-gov-identity-provider oauth-client my-uaa-client \
  -c '{"redirect_uri": [""], "scopes": ["openid", ""]}'

Note: The user will be prompted to grant any permissions required by custom scopes the first time they login to your application. You can only request the openid and scopes at present. (The scope enables your application to make read-only queries to the API on behalf of the user.)

Obtaining credentials

Once you’ve created the service instance, you’ll want to obtain your client ID and client secret:

cf service my-uaa-client

This will display a link to a page on Fugacious which contains your credentials.

More information

See leveraging authentication for details.

The broker in GitHub

You can find the broker here: