authentik
Keycloak
authentik | Keycloak | |
---|---|---|
172 | 248 | |
13,070 | 22,613 | |
6.3% | 3.1% | |
10.0 | 10.0 | |
6 days ago | 7 days ago | |
Go | Java | |
GNU General Public License v3.0 or later | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
authentik
- Ask HN: What type of Auth are you using on your side projects?
- Paperless-ngx: scan, index and archive all your physical documents
- Authentik: An open-source Identity Provider
-
Authelia and Lldap: Authentication, SSO, User Management[ ] for Home Networks
While authelia is quite cool "infra-as-code" tool, since you have your entire configuration in yaml form, for those not willing to spend a few evenings configuring SSO, there is authentik [1] which features management UI.
Offers similar feature set, also self-hostable, but most importantly - simple to set-up. I've spent 8h on authelia deployment, where 30 minutes in authentik would be sufficient. But both are good options, pick what you prefer.
1: https://goauthentik.io/
-
Ask HN: Who is hiring? (June 2024)
Authentik Security | Engineer | US | REMOTE (anywhere) | Full-time
Authentik Security (https://goauthentik.io) is the company behind authentik (https://github.com/goauthentik/authentik), an open source identity provider with over 250k+ unique installations and 12M+ downloads. Help us replace Okta/Auth0, Ping Identity, and Microsoft Entra with modern, secure identity for all!
We are a small remote team, looking to scale up with a couple experienced software engineers, primarily with a backend focus. Bonus points if you have significant experience with identity/SSO standards and/or Django/Python.
There is also the opportunity to be "forward deployed" spending 15-20% of time with enterprise customers (remotely) on configuration best practices and rollout strategies, _if_ that is of interest to the right candidate.
To apply, please use: https://forms.gle/TjRuTCec8M6UaN2Q8
-
Show HN: Stack, the open-source Clerk/Firebase Auth alternative
If you're looking for a system that has more features, is user friendly, a nice admin ui and easy deployments compared to Keycloak. Please give https://goauthentik.io/ a shot. Not affiliated in any way, just a very happy user.
It has
-an admin UI
- Supports (LDAP, SAML, OAUTH, social logins)
- MFA, Passkeys
- Application access based on user groups etc
- immich SSO with Authentik
-
Show HN: Auth0 OSS alternative Ory Kratos now with passwordless and SMS support
Hey, for authentik this is actually something we're actively working on: https://github.com/goauthentik/authentik/pull/8330, and this will be included in our next feature release in April!
(Disclaimer, I am founder and CTO of authentik)
-
Keycloak SSO with Docker Compose and Nginx
See here for the fix, which both implements the workaround suggested in the issue and also a much more standard-compliant method: https://github.com/goauthentik/authentik/pull/8471
-
Has anyone had any success setting Authentik up behind Caddy for a reverse proxy?
Ask in the correct places for support: https://github.com/goauthentik/authentik/discussions and https://github.com/caddyserver/caddy/issues
Keycloak
-
Optimizing Keycloak Caches: Best Practices for Embedded and External Infinispan
One common approach is to use an external Infinispan with a database persistence to store sessions outside of Keycloak, at least until version 26 makes the user session persistence feature (introduced in Keycloak version 25) a permanent part of Keycloak, moving beyond its previous preview status.
-
OAuth 2 Token Exchange with Spring Security and Keycloak
In today's interconnected digital landscape, companies often collaborate to provide seamless services to their users. In this post, we’ll explore a scenario involving two hypothetical companies: MyDoctor and MyHealth. We’ll demonstrate how MyHealth users can log in to MyDoctor using their MyHealth credentials, and how MyDoctor's backend can securely call MyHealth's APIs on behalf of the user. To achieve this, we’ll leverage OAuth 2 Token Exchange (RFC8693) with Spring Security and Keycloak.
-
OAuth 2 for SWEs working on AuthZ systems
Does not have LTS support so major version upgrades may be necessary when security patches are released. However, major version upgrades may cause breaking changes (which I have encountered a few times).
-
Introduction to Keycloak
export KC_VERSION=24.0.4 curl -LO https://github.com/keycloak/keycloak/releases/download/"${KC_VERSION}"/keycloak-"${KC_VERSION}".zip
Keycloak is an open-source project created by RedHat for Single Sign-On. It provides an Identity and Access Management (IAM) solution designed to secure application services. Additionally, it enables users to authenticate through various identity providers and use fine-grained permissions for regulating access to Software as a Service (SaaS) applications.
-
Securing Angular Apps with Keycloak
In this article we'll be using Keycloak to quickly secure a Angular application with user management and single sign on (SSO) using the open source IAMs Keycloak for Authentication and Authorization. We will demonstrate the integration by securing a page for logged-in users. This quickly provides a jump-off point to more complex integrations.
-
Identity: Self-Hosted or in the Cloud?
Keycloak is definitely not small but you might find that you can ignore enough of the functionality to pretend that it is.
https://github.com/keycloak/keycloak
-
Authorization pitfalls: what does Keycloak cloak?
I also thought the assignment appeared when developers were refactoring the code, which might have been even more complicated before. In the end, I found that the function was originally created this way (commit).
-
The 50 best open-source alternatives to popular SaaS software
GitHub: Keycloak GitHub Repository
- Spam in Keycloak GitHub Issues
What are some alternatives?
authelia - The Single Sign-On Multi-Factor portal for web apps
zitadel - ZITADEL - The best of Auth0 and Keycloak combined. Built for the serverless era.
Apache Shiro - Apache Shiro
keycloak-operator - ARCHIVED Kubernetes Operator for the no longer supported WildFly distribution of Keycloak
OPA (Open Policy Agent) - Open Policy Agent (OPA) is an open source, general-purpose policy engine.
jellyfin-plugin-ldapauth - LDAP Authentication for Jellyfin
IdentityServer - The most flexible and standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core
docker-swag - Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.
Spring Security - Spring Security
vouch-proxy - an SSO and OAuth / OIDC login solution for Nginx using the auth_request module
FreeIPA - Mirror of FreeIPA, an integrated security information management solution