SuperTokens Community
authentik
Our great sponsors
- InfluxDB - Collect and Analyze Billions of Data Points in Real Time
- Onboard AI - Learn any GitHub repo in 59 seconds
- SaaSHub - Software Alternatives and Reviews
| SuperTokens Community | authentik | |
|---|---|---|
| 111 | 156 | |
| 10,790 | 5,148 | |
| 3.4% | 5.1% | |
| 9.0 | 9.9 | |
| about 2 hours ago | 6 days ago | |
| Java | Go | |
| GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
SuperTokens Community
-
🚀 Top 12 Open Source Auth Projects Every Developer Should Know 🔑
SuperTokens
-
The Developer-First Security Week free event (Aug 7-11)
The Developer-First Security Week event is on August 7-11. The theme is shifting left with a security mindset with top expert speakers from Snyk, BoxyHQ, Microsoft, Google, Gitlab, Bearer, SuperTokens, Cerbos, and more...Come learn with us as the speakers dive into complex topics on Authorization, Authentication, Data Privacy.
-
Top open source security devtools you need to know about
GitHub: https://github.com/supertokens/supertokens-core Website: https://supertokens.com/
-
Introducing Pezzo: Open-source AI Development Toolkit 🚀
Signing up - You're not actually signing up to anything. Supertokens (open source auth provider) is running locally on your machine. It's just a means for you to be able to have an account (and soon invite others to your project to collaborate together). The data doesn't leave your computer.
-
Supertokens: Open-Source Alternative to Auth0 / Firebase Auth / AWS Cognito
I see a feature flag and a license check class.
https://github.com/supertokens/supertokens-core/tree/master/...
"[...] it is forbidden to copy, merge, publish, distribute, sublicense, and/or sell the Software." [1]
"Open source is source code that is made freely available for possible modification and redistribution." [2]
[1] https://github.com/supertokens/supertokens-core/blob/master/...
-
FastAPI as a authentication provider
Take a look at supertokens which integrates with fastapi https://supertokens.com
-
Show HN: Open-source Auth0 alternative Ory Kratos v0.13 released – nearing v1.0
Why are people still using Ory Kratos? It's still incredibly confusing documentation. Large fan of projects like: https://supertokens.com/ that focus on making authentication workflow implementation really easy.
-
10+ Open-Source Projects For Web Developers In 2023
GitHub Stars: 8.5 K GitHub Link: https://github.com/supertokens/supertokens-core
authentik
-
Show HN: Obligator – An OpenID Connect server for self-hosters
Personally I went with Keycloak, because it's fairly well documented and also has Docker images available: https://www.keycloak.org/getting-started/getting-started-doc... although the fact that they want you to create an "optimized" image yourself and have a long build/setup process on startup instead is slightly annoying: https://www.keycloak.org/server/containers
Regardless, with something like mod_auth_openidc or another Relying Party implementation, all of the sudden authn/authz becomes easier to manage (you can literally get user information including roles in headers that are passed from your gateway/relying party to apps behind the reverse proxy), regardless of what you have actually running in your APIs: https://github.com/OpenIDC/mod_auth_openidc (there are other options, of course, but I went with that because I already use mod_md).
It's actually cool that there are plentiful options in the space, since OIDC is pretty complex in of itself and attempts at creating something pleasant to actually use are always welcome, I've also heard good things about Authentik: https://goauthentik.io/
-
HAProxy with Forward Auth to Authentik
For Authentik, it looks like they are not interested to write how to configure HAProxy with it https://github.com/goauthentik/authentik/issues/5768
- Authentik reverse proxy vs swag
-
Authentik + Cloudflare + Nginx = 500 error
Have you tried /r/Nginx and /r/CloudFlare? And Authentik has a Discord server: https://goauthentik.io/discord and Github discussion and issues page: https://github.com/goauthentik/authentik/discussions
-
K3S, Authentik, And Practical Use
My thought is to have the ZAC only be accessible to users connected to OpenZiti, and to have the ZAC behind/to the side of Authentik for SSO.
-
Keycloak – Open-Source Identity and Access Management Interview
We used keycloak for openid identity provider as well. It is fine to setup keycloak once. But it is painful share the setup with other engineers.
For local development, we end up using dex (https://dexidp.io). When we need support group/role, we use dex and glauth(https://glauth.github.io). Both dex and glauth can be configured with yaml files. We just created a few yaml files and a docker compose file, every engineer can be brought up the whole environment in a few seconds.
Also https://www.authelia.com and https://github.com/goauthentik/authentik look pretty promising, if you need more advanced features from them.
What do folks think about authentik[0]?
I tried to set up Keycloak but after fiddling with it for awhile before giving up and trying something else. It felt really weird that I was just extracting a tar and running a jar instead of some pre-packaged solution, but that might just be me.
authentik was pretty easy to set up for my homelab, but maybe I'm missing something given all the positive recommendations for Keycloak?
-
How to build Auth in 2023 with go?
I like this one: https://goauthentik.io/
-
Keycloak vs. Authentik vs. Authelia, help choose SSO
Authentik has been working great for me. The developer is very active and any reported cve’s are patched accordingly: https://github.com/goauthentik/authentik/security
I'm guessing it's this issue. Seems to only be an LDAP issue, but yeah definitely needs more eyes on this one. https://github.com/goauthentik/authentik/issues/1644
What are some alternatives?
authelia - The Single Sign-On Multi-Factor portal for web apps
Keycloak - Open Source Identity and Access Management For Modern Applications and Services
keycloak-operator - ARCHIVED Kubernetes Operator for the no longer supported WildFly distribution of Keycloak
zitadel - ZITADEL - The best of Auth0 and Keycloak combined. Built for the serverless era.
jellyfin-plugin-ldapauth - LDAP Authentication for Jellyfin
docker-swag - Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.
vouch-proxy - an SSO and OAuth / OIDC login solution for Nginx using the auth_request module
caddy-auth-portal - Authentication Plugin for Caddy v2 implementing Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA with App Authenticators and Yubico.
external-auth-server - easy auth for reverse proxies
Ory Kratos - Next-gen identity server (think Auth0, Okta, Firebase) with Ory-hardened authentication, PassKeys, MFA, FIDO2, TOTP, WebAuthn, profile management, identity schemas, social sign in, registration, account recovery, passwordless. Golang, headless, API-only - without templating or theming headaches. Available as a cloud service.
ToolJet - Low-code platform for building business applications. Connect to databases, cloud storages, GraphQL, API endpoints, Airtable, Google sheets, OpenAI, etc and build apps using drag and drop application builder. Built using JavaScript/TypeScript. 🚀
pam-keycloak-oidc - PAM module connecting to Keycloak for user authentication using OpenID Connect/OAuth2, with MFA/2FA/TOTP support