Thanks to the detailed answer from @Kxepal, OAuth works with CouchDB replication. Now I'm looking for information on how to replace keys known to the administrator using the X509 keys (or others), so the administrator will only have the user's public key and cannot impersonate it.
What are the steps to enable replication for CouchDB using keys for OAuth authentication.
source share