Report bugs and contribute

The original intent of the Nimbus OAuth 2.0 / OpenID Connect library was to provide a robust implementation of the specs for our Connect2id server. About a year into its development we decided to open source it under an Apache 2.0 licence, so that partners and customers as well as the broader community can benefit from it.

So far we’ve had few contributions, but we expect the SDK to gradually gain in popularity due to its comprehensive feature set and the increasing adoption of OpenID Connect in general.

General feedback and bug reports

Comments, feedback and bug reports will be much appreciated.

Please, submit your reports and pull requests (preferably with tests!) to the git repo at Bitbucket:

Nimbus OAuth 2.0 + OIDC SDK git repo

Responsible disclosure

If you suspect a critical vulnerability or wish to have a private discussion with the SDK maintainer, please write to Connect2id support.

We leave it up to your judgement to determine if the issue at hand is a critical vulnerability, or a general problem that is ok be posted to the public tracker.

Following developments and release announcements

Follow us on Twitter for all SDK updates and developments:

https://twitter.com/connect2id