Skip to main content

Welcome to mgPass

mgPass is a complete identity platform built on Cloudflare Workers. It provides OAuth 2.0 / OIDC authentication, user management, role-based access control, and a loyalty rewards engine for the MG Digital ecosystem.

Authentication

OAuth 2.0 and OIDC flows for web, mobile, SPA, and machine-to-machine applications

User Management

Create, update, and manage users with roles, social login, and MFA

Rewards

Points engine with tier progression, catalog redemption, and mobile money cashback

API Reference

Complete endpoint documentation with interactive playground

Platform Architecture

mgPass is composed of three services:
  • auth-worker — The core API handling authentication, user management, RBAC, and rewards
  • admin console — Server-rendered admin dashboard for managing users, apps, roles, and rewards
  • account portal — User-facing self-service portal for profile, sessions, and rewards
All services run on Cloudflare Workers with D1 (SQLite) for persistence, KV for sessions and caching, and R2 for file storage.

Platform Overview

Architecture and core concepts

OAuth Flows

Authorization Code, PKCE, Client Credentials

Applications

Register and configure OAuth clients

RBAC

Roles, scopes, and permissions

Social Login

Google, Apple, and Facebook connectors

Webhooks

Identity and rewards event notifications