diff --git a/passbook/oauth_provider/admin.py b/passbook/oauth_provider/admin.py
deleted file mode 100644
index ee01aa799..000000000
--- a/passbook/oauth_provider/admin.py
+++ /dev/null
@@ -1,4 +0,0 @@
-"""passbook oauth provider Admin"""
-from passbook.lib.admin import admin_autoregister
-
-admin_autoregister('passbook_oauth_provider')
diff --git a/passbook/oauth_provider/migrations/0001_initial.py b/passbook/oauth_provider/migrations/0001_initial.py
index 8b17a1f33..483ca9af7 100644
--- a/passbook/oauth_provider/migrations/0001_initial.py
+++ b/passbook/oauth_provider/migrations/0001_initial.py
@@ -1,6 +1,7 @@
-# Generated by Django 2.1.3 on 2018-11-22 10:03
+# Generated by Django 2.1.3 on 2018-11-24 10:27
 import django.db.models.deletion
+import oauth2_provider.generators
 from django.conf import settings
 from django.db import migrations, models
@@ -10,8 +11,8 @@ class Migration(migrations.Migration):
 initial = True
 dependencies = [
- ('passbook_core', '0001_initial'),
- migrations.swappable_dependency(settings.OAUTH2_PROVIDER_APPLICATION_MODEL),
+ migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+ ('passbook_core', '0002_application_skip_authorization'),
 ]
 operations = [
@@ -19,8 +20,20 @@ class Migration(migrations.Migration):
 name='OAuth2Provider',
 fields=[
 ('provider_ptr', models.OneToOneField(auto_created=True, on_delete=django.db.models.deletion.CASCADE, parent_link=True, primary_key=True, serialize=False, to='passbook_core.Provider')),
- ('oauth2_app', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.OAUTH2_PROVIDER_APPLICATION_MODEL)),
+ ('client_id', models.CharField(db_index=True, default=oauth2_provider.generators.generate_client_id, max_length=100, unique=True)),
+ ('redirect_uris', models.TextField(blank=True, help_text='Allowed URIs list, space separated')),
+ ('client_type', models.CharField(choices=[('confidential', 'Confidential'), ('public', 'Public')], max_length=32)),
+ ('authorization_grant_type', models.CharField(choices=[('authorization-code', 'Authorization code'), ('implicit', 'Implicit'), ('password', 'Resource owner password-based'), ('client-credentials', 'Client credentials')], max_length=32)),
+ ('client_secret', models.CharField(blank=True, db_index=True, default=oauth2_provider.generators.generate_client_secret, max_length=255)),
+ ('name', models.CharField(blank=True, max_length=255)),
+ ('skip_authorization', models.BooleanField(default=False)),
+ ('created', models.DateTimeField(auto_now_add=True)),
+ ('updated', models.DateTimeField(auto_now=True)),
+ ('user', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, related_name='passbook_oauth_provider_oauth2provider', to=settings.AUTH_USER_MODEL)),
 ],
- bases=('passbook_core.provider',),
+ options={
+ 'abstract': False,
+ },
+ bases=('passbook_core.provider', models.Model),
 ),
 ]
diff --git a/passbook/oauth_provider/models.py b/passbook/oauth_provider/models.py
index 24ae516f4..79c46b72d 100644
--- a/passbook/oauth_provider/models.py
+++ b/passbook/oauth_provider/models.py
@@ -1,12 +1,12 @@
 """Oauth2 provider product extension"""
-from django.db import models
-from oauth2_provider.models import Application
+from oauth2_provider.models import AbstractApplication
 from passbook.core.models import Provider
-class OAuth2Provider(Provider):
+class OAuth2Provider(Provider, AbstractApplication):
 """Associate an OAuth2 Application with a Product"""
- oauth2_app = models.ForeignKey(Application, on_delete=models.CASCADE)
+ def __str__(self):
+ return self.name
diff --git a/passbook/oauth_provider/settings.py b/passbook/oauth_provider/settings.py
index 79072e0d2..5cd3c28b6 100644
--- a/passbook/oauth_provider/settings.py
+++ b/passbook/oauth_provider/settings.py
@@ -7,10 +7,17 @@ MIDDLEWARE = [
 'oauth2_provider.middleware.OAuth2TokenMiddleware',
 'corsheaders.middleware.CorsMiddleware',
 ]
-INSTALLED_APPS = [
- 'oauth2_provider',
- 'corsheaders',
-]
 AUTHENTICATION_BACKENDS = [
 'oauth2_provider.backends.OAuth2Backend',
 ]
+
+OAUTH2_PROVIDER_APPLICATION_MODEL = 'passbook_oauth_provider.OAuth2Provider'
+
+OAUTH2_PROVIDER = {
+ # this is the list of available scopes
+ 'SCOPES': {
+ 'openid:userinfo': 'Access OpenID Userinfo',
+ # 'write': 'Write scope',
+ # 'groups': 'Access to your groups'
+ }
+}
diff --git a/passbook/oauth_provider/templates/oauth2_provider/authorize.html b/passbook/oauth_provider/templates/oauth2_provider/authorize.html
new file mode 100644
index 000000000..cf7ae5cd0
--- /dev/null
+++ b/passbook/oauth_provider/templates/oauth2_provider/authorize.html
@@ -0,0 +1,58 @@
+{% extends "login/base.html" %}
+
+{% load utils %}
+{% load i18n %}
+
+{% block title %}
+{% title 'SSO - Authorize External Source' %}
+{% endblock %}
+
+{% block card %}
+
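Review bot: In passbook/oauth_provider/models.py the new `__str__` returns `self.name`, but the migration in this commit creates `name` with `blank=True`, so a provider saved without a name renders as an empty string wherever the object is listed or logged. Falling back to the client id, which the migration gives a generated default, keeps such rows identifiable: `return self.name or self.client_id`. The class docstring still describes the old foreign-key design; now that the class itself is the OAuth2 application, a docstring saying that this model stores the client credentials (`client_id`, `client_secret`, `redirect_uris`) would warn readers that any generic listing or serializer over it has to exclude `client_secret`.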
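Review bot: The new `OAUTH2_PROVIDER` dict in passbook/oauth_provider/settings.py sets `SCOPES` but not `DEFAULT_SCOPES`, and as far as I know django-oauth-toolkit defaults that setting to `['__all__']`, so an authorization request that names no scope is granted every configured scope. That is harmless while `openid:userinfo` is the only entry, but it widens silently once the commented-out `write` and `groups` entries are enabled; pinning it now with `'DEFAULT_SCOPES': ['openid:userinfo'],` avoids that, and the commented-out entries are better dropped until they are implemented. Separately, this hunk removes `oauth2_provider` and `corsheaders` from `INSTALLED_APPS` while their middleware stays listed; presumably the apps are registered elsewhere, which this diff does not show.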
+

{% trans 'SSO - Authorize External Source' %}

+
+{% include 'partials/messages.html' %} +
+ {% csrf_token %} + {% if not error %} + {% csrf_token %} + {% for field in form %} + {% if field.is_hidden %} + {{ field }} + {% endif %} + {% endfor %} +
+

+ {% blocktrans with remote=application.name %} + You're about to sign into {{ remote }} + {% endblocktrans %} +

+

{% trans "Application requires following permissions" %}

+ + {{ form.errors }} + {{ form.non_field_errors }} +

+ {% blocktrans with user=user %} + You are logged in as {{ user }}. Not you? + {% endblocktrans %} + {% trans 'Logout' %} +

+
+ + {% trans "Cancel" %} +
+
+ {% else %} +
+

+ {% blocktrans with err=error.error %}Error: {{ err }}{% endblocktrans %} +

+

{{ error.description }}

+
+ {% endif %} +
+{% endblock %}
diff --git a/passbook/oauth_provider/templates/oauth2_provider/base.html b/passbook/oauth_provider/templates/oauth2_provider/base.html
new file mode 100644
index 000000000..8759a6fae
--- /dev/null
+++ b/passbook/oauth_provider/templates/oauth2_provider/base.html
@@ -0,0 +1 @@
+{% extends "base/skeleton.html" %}
\ No newline at end of file
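Review bot: The consent text in authorize.html identifies the client only by `application.name` (`{% blocktrans with remote=application.name %}`), and the migration in this commit allows that field to be blank, so a user can be asked to approve access for an application the page does not name. Requiring a name on the provider form, or showing the client id as a fallback next to it, keeps the consent decision informed. Two smaller points, as far as the stripped markup in this view shows: `{% csrf_token %}` is emitted twice, once before `{% if not error %}` and once inside it, and one is enough; and `{{ form.errors }}` already contains the non-field errors, so `{{ form.non_field_errors }}` repeats them.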