# Authentication Hub Appmixer features an internal Authentication Hub, functioning as an authentication proxy, which simplifies the setup process by eliminating the need to register your own OAuth credentials with third-party services. This means all OAuth-based connectors offered by Appmixer are ready to use right out of the box. However, should you prefer to use your own OAuth credentials for enhanced customization or compliance reasons, you have the flexibility to do so. This can be done for all or selected connectors by specifying your OAuth credentials (`clientId` and `clientSecret`) as outlined in the [Connector Configuration](https://docs.appmixer.com/6.0/6.1/getting-started/services) section of this documentation. The Authentication Hub is enabled for all hosted Appmixer tenants. In self-managed installations, the Authentication Hub has to be explicitly set. ## Basic Setup To start using the Authentication Hub, the system plugin `auth-hub` has to be turned on. This is automatically turned on for Hosted Appmixer tenants and can be turned on by adding the `auth-hub` plugin ID to the `SYSTEM_PLUGINS` ENV variable. ```sh # Turning on the plugin SYSTEM_PLUGINS=auth-hub # Required variables AUTH_HUB_URL= # URL of the Authentication Hub AUTH_HUB_TOKEN={token} # Provided by Appmixer # Optional variables AUTH_HUB_AUTOMATIC=true|false # true by default ``` To request the `AUTH_HUB_TOKEN`, contact our customers support by sending email to [support@appmixer.com](https://mail:support@appmixer.com). ## Additional Configuration You can redirect all OAuth requests to the Authentication Hub, or you can use it just for a selected set of connectors. If the `AUTH_HUB_AUTOMATIC` is set to `true` then all OAuth requests for all installed connectors that do not have clientId/clientSecret (OAuth 2), or consumerKey/consumerSecret (OAuth 1) configured through the Backoffice (Connector Configuration), will be redirected to the Authentication Hub. This is useful, if you want to use all the available connectors, but don't want to create all the necessary OAuth apps. If the `AUTH_HUB_AUTOMATIC` is set to `false`, Appmixer checks the connector configuration. If the connector has clientId/clientSecret (OAuth 2), or consumerKey/consumerSecret (OAuth 1) configured through the Backoffice (Connector Configuration), Appmixer will not use the Authentication Hub (all OAuth requests will go directly from your Appmixer tenant to the relevant OAuth 3rd party). If you add `authHubUrl` to the connector configuration, all the authentication requests will be redirected to the Authentication Hub URL provided: