Zero-dependency OAuth 2.0 client for Node.js and Python.
Built by Analytics With Harry — Squid Consultancy Group Limited.
scg-auth is a lightweight OAuth 2.0 / OpenID Connect client library with zero external dependencies. It works with any OAuth 2.0 provider — your own server, an enterprise IdP, or a cloud provider.
npm install scg-auth # Node.js
pip install scg-auth # Python
| Feature | scg-auth |
|---|---|
| Zero external dependencies | ✅ |
| Node.js + Python | ✅ |
| PKCE S256 (Authorization Code) | ✅ |
| Client Credentials | ✅ |
| Refresh Token | ✅ |
| Device Code | ✅ |
| TypeScript types included | ✅ |
| Works with ANY OAuth provider | ✅ |
| MIT License | ✅ |
=== “Node.js”
```js
const SCGAuth = require('scg-auth');
const client = new SCGAuth({
clientId: 'my-app',
authorizationUrl: 'https://your-server.com/authorize',
tokenUrl: 'https://your-server.com/token',
redirectUri: 'http://localhost:3000/callback',
scopes: ['openid', 'email', 'profile'],
});
// Step 1 — Build the login URL (PKCE + state auto-generated)
const { url, state } = client.generateAuthUrl({ pkce: true });
// Step 2 — After redirect back, exchange the code
const tokens = await client.exchangeCode(code, { state });
console.log(tokens.access_token);
```
=== “Python”
```python
from scg_auth import SCGAuth
client = SCGAuth(
client_id='my-app',
authorization_url='https://your-server.com/authorize',
token_url='https://your-server.com/token',
redirect_uri='http://localhost:3000/callback',
scopes=['openid', 'email', 'profile'],
)
# Step 1 — Build the login URL
result = client.generate_auth_url(pkce=True)
# Step 2 — Exchange the code
tokens = client.exchange_code(code, state=result['state'])
print(tokens['access_token'])
```
The Live Demo page shows a complete OAuth 2.0 flow using a fully self-hosted server — no Google, no GitHub.
MIT — Copyright © 2026 Analytics With Harry — Squid Consultancy Group Limited