API auth - oauth2

In Spree 3.7, released in Feb 2019, spree presents its “store front api v2” that is now using doorkeeper to implement oauth 2: https://github.com/doorkeeper-gem/doorkeeper


  • oauth is the standard for api auth so we should have it: how important it is for ofn to implement oauth? I believe this is very very important as we currently only support api key and rails sessions.
  • what other alternatives (to doorkeeper) do you recommend for implementing oauth?

I only worked with Doorkeeper and just a little bit. It was implemented by someone else in the team.

I’m not familiar with other auth aproaches but I’d go with it.