NIKOMARU
PORTFOLIO
JA
MineAuth Community

MineAuth

Role
Developer
Stack
Kotlin · Ktor · OpenTelemetry · Scalar
Year
2024 — Present
Status
Active
Document
mineauth.plugin.morino.party
Source
morinoparty/mineauth

Overview

MineAuth is a plugin that provides an OAuth 2/OpenID Connect authentication platform running on a Minecraft server. It was built so web applications and external services can safely work with player data already managed by server-side plugins and systems.

Figure 1: Screenshot of MoriPath

Background

MineAuth was developed to introduce SSO to a Minecraft server and let web applications and external services handle player data safely.

Morino Party, the community I belong to, operates a Minecraft server along with related systems such as a website, an official wiki, and a user-facing application called MoriPath, which is still under development. MoriPath needed an externally accessible API so each user could view and operate on their own information from the application. I also thought player authentication would be useful for future wiki administration, such as tracking which player on the server wrote or edited a page. Those needs led me to build MineAuth as an authentication platform with single sign-on.

Authentication Platform

I also considered established solutions such as Keycloak and Ory Hydra. They are reliable options with proven security records as OIDC providers. However, when integrating them with a Minecraft server, they would require operating separate servers or external databases and connecting them back to Minecraft-specific player data, which would make the overall architecture more complex.

Minecraft also has the concept of permissions for actions such as running commands, and I thought integrating with that model would make server operations smoother. Many Minecraft servers use LuckPerms as their permissions management plugin. MineAuth integrates with LuckPerms as well, enabling consistent permission management both inside and outside Minecraft.

Extensibility

MineAuth is designed not only for authentication, but also as a platform that lets external plugins add APIs as add-ons. Other plugins can register API endpoints with MineAuth and expose their own data or operations through MineAuth's authentication and authorization flow. This removes the need for every plugin to implement its own authentication layer and lets the Minecraft server use MineAuth as a shared API foundation.

Scalar makes the added endpoints easier to inspect through generated API documentation, while OpenTelemetry tracing helps follow API requests and internal processing. The project brings together SSO, OIDC, an extensible API platform, and observability in the context of a Minecraft plugin.

Figure 2: API documentation generated with Scalar