Provide secure access to the Matomo API using scoped permissions. No static credentials.
This plugin adds a first-party OAuth 2.0 Authorization Server to Matomo, allowing external applications to securely access Matomo APIs using OAuth 2.0 access tokens instead of token_auth.
It supports standard OAuth 2.0 flows including Authorization Code (PKCE), Client Credentials, and Refresh Token.
The OAuth 2.0 plugin replaces static authentication with a token-based flow tied to your existing login system. Each application requests permission, receives scoped access, and operates within defined limits. No need to distribute or manage long-lived credentials across tools and services.
Tokens expire by default, can be refreshed when needed, and revoked instantly without affecting other integrations. This reduces exposure and simplifies access management.
For teams running multiple integrations, OAuth 2.0 is the practical choice for secure, maintainable access to Matomo data. Every connection is authorised, bounded, and straightforward to control.
The OAuth 2.0 User Guide and the README.md cover how to get the most out of this plugin.