Discord OAuth2 Guide 2026: Add Login with Discord to Your App

How to implement Discord OAuth2: authorization flow, scopes, access tokens, user data retrieval, and adding 'Login with Discord' to your website or bot dashboard.

Discord OAuth2 lets users log into your website or bot dashboard using their Discord account. It is used by bot dashboards, community websites, and game server panels.

How It Works

  1. User clicks "Login with Discord" on your site
  2. They are redirected to Discord's authorization page
  3. They approve the requested permissions (scopes)
  4. Discord redirects back to your site with an authorization code
  5. Your server exchanges the code for an access token
  6. You use the token to fetch user data from Discord's API

Setting Up

1. Create a Discord Application

Go to the Discord Developer Portal and create an application. Note the Client ID and Client Secret.

2. Add a Redirect URI

In your application settings, add a redirect URI:

https://yourdomain.com/auth/discord/callback

3. Build the Authorization URL

https://discord.com/api/oauth2/authorize?client_id=YOUR_CLIENT_ID&redirect_uri=YOUR_REDIRECT_URI&response_type=code&scope=identify%20guilds

4. Exchange Code for Token (Server-Side)

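// Node.js example (server-side; run inside an async function or an ES module)
const response = await fetch('https://discord.com/api/oauth2/token', {
  method: 'POST',
  headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
  body: new URLSearchParams({
    client_id: 'YOUR_CLIENT_ID',
    client_secret: 'YOUR_CLIENT_SECRET', // load from server-side config; never ship to the browser
    grant_type: 'authorization_code',
    code: authorizationCode, // the `code` query parameter from the callback request
    redirect_uri: 'YOUR_REDIRECT_URI', // must match the redirect URI used in step 3
  }),
});
// A rejected exchange returns an error body with no access_token.
if (!response.ok) throw new Error(`Token exchange failed: ${response.status}`);
const data = await response.json();
// data.access_token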

5. Fetch User Data

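const userResponse = await fetch('https://discord.com/api/users/@me', {
  headers: { Authorization: `Bearer ${data.access_token}` },
});
// An expired or revoked token yields an error response, not a user object.
if (!userResponse.ok) throw new Error(`User lookup failed: ${userResponse.status}`);
const user = await userResponse.json();
// user.id, user.username, user.avatar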

Common Scopes

| Scope | Access |
|---|---|
| identify | User ID, username, avatar |
| email | User email address |
| guilds | List of user's servers |
| guilds.join | Add user to a server |
| bot | Add a bot to a server |

Security Notes

  • Never expose your Client Secret in client-side code
  • Always exchange the authorization code server-side
  • Validate the state parameter to prevent CSRF
  • Store access tokens securely
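
The state check from the list above, as an added example that is not part of the original guide: one function issues a random, single-use state when building the authorization URL, and one validates the callback before the code is exchanged. The `session` object, the 10-minute lifetime, the function names and the reason strings are assumptions.

```javascript
// Added example: CSRF protection for the Discord login flow via the OAuth2 `state` parameter.
const crypto = require('node:crypto');

const CLIENT_ID = 'YOUR_CLIENT_ID';
const REDIRECT_URI = 'https://yourdomain.com/auth/discord/callback';
const STATE_TTL_MS = 10 * 60 * 1000; // assumption: a login attempt is valid for 10 minutes

// `session` is a hypothetical server-side session object bound to the browser's cookie.
function buildAuthorizationUrl(session, now = Date.now()) {
  const state = crypto.randomBytes(32).toString('base64url'); // unguessable, per attempt
  session.oauthState = { value: state, expiresAt: now + STATE_TTL_MS };
  const params = new URLSearchParams({
    client_id: CLIENT_ID,
    redirect_uri: REDIRECT_URI,
    response_type: 'code',
    scope: 'identify guilds',
    state,
  });
  // Encode spaces as %20, matching the URL format shown in step 3.
  const query = params.toString().replace(/\+/g, '%20');
  return `https://discord.com/api/oauth2/authorize?${query}`;
}

// `query` is the parsed query string of the callback request.
function verifyCallback(session, query, now = Date.now()) {
  const pending = session.oauthState;
  delete session.oauthState; // single use: a replayed callback finds nothing
  if (!pending) return { ok: false, reason: 'no_pending_login' };
  if (now > pending.expiresAt) return { ok: false, reason: 'state_expired' };
  // A repeated ?state= parameter is often parsed as an array; reject it.
  if (typeof query.state !== 'string') return { ok: false, reason: 'invalid_state' };
  const got = Buffer.from(query.state);
  const want = Buffer.from(pending.value);
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  if (got.length !== want.length || !crypto.timingSafeEqual(got, want)) {
    return { ok: false, reason: 'state_mismatch' };
  }
  if (typeof query.code !== 'string' || query.code === '') {
    return { ok: false, reason: 'missing_code' };
  }
  return { ok: true, code: query.code }; // only now exchange the code for a token
}
```

Call `verifyCallback` at the top of the callback route and stop with an error response unless `ok` is true.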

FAQ

What is Discord OAuth2? An authentication system that lets users log into your app using their Discord account.

Is Discord OAuth2 free? Yes. It is part of the Discord API.

Can I get a user's email with OAuth2? Yes, if you request the email scope and the user approves.
