Go Authentication and OAuth

Open-source Go projects categorized as Authentication and OAuth
Edit details
Golang Go JWT Authentication Oauth2
Deploy and host your apps and databases, now with $50 credit!
Sevalla is the PaaS you have been looking for! Advanced deployment pipelines, usage-based pricing, preview apps, templates, human support by developers, and much more!
sevalla.com
featured

Top 23 Go Authentication and OAuth Projects

Authentication and OAuth

  1. casbin

    An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN

    Project mention: Secure Your Business Systems: 6 Developer Tools with RBAC Support | dev.to | 2025-07-23

    Website: https://casbin.org/

  2. Sevalla

    Deploy and host your apps and databases, now with $50 credit! Sevalla is the PaaS you have been looking for! Advanced deployment pipelines, usage-based pricing, preview apps, templates, human support by developers, and much more!

    Sevalla logo

  3. goth

    Package goth provides a simple, clean, and idiomatic way to write authentication packages for Go web applications.

    Project mention: Show HN: Clace – Application Server with support for scaling down to zero | news.ycombinator.com | 2024-09-11

    Thanks, need to make the docs less verbose in some places :-)

    https://clace.io/docs/configuration/authentication/ lists the supported auth mechanisms for apps. A builtin system account is the default. The OAuth providers supported are : github google digitalocean bitbucket amazon azuread microsoftonline gitlab auth0 okta oidc. Any other provider supported by https://github.com/markbates/goth can be easily added, with a small code change.

    For admin operations (creating/updating apps) using the client CLI, a unix domain socket is used. File system permissions are used, no other auth is used for UDS. A REST API for admin operations can be optionally enabled, in which case it will use the system account https://clace.io/docs/configuration/security/#admin-api-acce....

    Client cert based auth is not supported currently. Were you wanting that for app access or for admin API access?

    In terms of performance, I did some testing few months back. The app access API does not hit the database (sqlite), everything is cached after the first call. So the performance will be limited by the API performance of the downstream container. The Clace server itself should not be a bottleneck. First API call to a containerized app builds the image and starts the container. That depends on how fast the image build and container startup are.

  4. oauth2

    Go OAuth2

  5. Ory Keto

    The most scalable and customizable permission server on the market. Fix your slow or broken permission system with Google's proven "Zanzibar" approach. Supports ACL, RBAC, and more. Written in Go, cloud native, headless, API-first. Available as a service on Ory Network and for self-hosters.

  6. authboss

    The boss of http auth.

  7. scs

    HTTP Session Management for Go

    Project mention: User authentication in go | dev.to | 2025-01-30

    scs - HTTP Session Management for Go.

  8. go-oidc

    A Go OpenID Connect client.

  9. InfluxDB

    InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

    InfluxDB logo

  10. jwx

    Complete implementation of JWx (Javascript Object Signing and Encryption/JOSE) technologies for Go. #golang #jwt #jws #jwk #jwe

  11. go-oauth2-server

    A standalone, specification-compliant, OAuth2 server written in Golang.

  12. loginsrv

    JWT login microservice with plugable backends such as OAuth2, Google, Github, htpasswd, osiam, ..

  13. gologin

    Go login handlers for authentication providers (OAuth1, OAuth2)

  14. oidc

    Easy to use OpenID Connect client and server library written for Go and certified by the OpenID Foundation

  15. gorbac

    goRBAC provides a lightweight role-based access control (RBAC) implementation in Golang.

  16. auth

    Authenticator via oauth2, direct, email and telegram (by go-pkgz)

  17. paseto

    Platform-Agnostic Security Tokens implementation in GO (Golang) (by o1egl)

  18. go-guardian

    Go-Guardian is a golang library that provides a simple, clean, and idiomatic way to create powerful modern API and web authentication.

  19. jeff

    🍍Jeff provides the simplest way to manage web sessions in Go.

  20. jwt-auth

    This package provides json web token (jwt) middleware for goLang http servers (by adam-hanna)

  21. httpauth

    HTTP Authentication middlewares

  22. branca

    :key: Secure alternative to JWT. Authenticated Encrypted API Tokens for Go.

  23. otpgen

    Library to generate TOTP/HOTP codes

  24. sessionup

    Straightforward HTTP session management

  25. RBAC

    RBAC - Simple, concurrent Role Based Access Control(GO) (by euroteltr)

  26. SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

Go Authentication and OAuth discussion

Log in or Post with

Go Authentication and OAuth related posts

  • Casbin: An authorization library that supports authz models like ACL, RBAC, ABAC

    1 project | news.ycombinator.com | 29 May 2025

  • Show HN: Clace – Application Server with support for scaling down to zero

    7 projects | news.ycombinator.com | 11 Sep 2024

  • Should I Use jwts For Authentication Tokens?

    7 projects | news.ycombinator.com | 27 May 2024

  • Show HN: Blueprint for a distributed multi-region IAM with Go and CockroachDB

    4 projects | news.ycombinator.com | 8 Aug 2023

  • Show HN: Open-source IAM Ory Kratos v1.0 with Passkeys, MFA and multi-region

    2 projects | news.ycombinator.com | 13 Jul 2023

  • how to design database for Access Control Privileges ?

    1 project | /r/node | 11 Jul 2023

  • Understanding Google Zanzibar and Why Shines at Building Permissions

    4 projects | news.ycombinator.com | 25 Jun 2023
  • A note from our sponsor - InfluxDB
    www.influxdata.com | 1 Sep 2025
    InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now. Learn more →

Index

What are some of the best open-source Authentication and OAuth projects in Go? This list will help you:

# Project Stars
1 casbin 19,068
2 goth 6,184
3 oauth2 5,685
4 Ory Keto 5,101
5 authboss 4,041
6 scs 2,397
7 go-oidc 2,211
8 jwx 2,192
9 go-oauth2-server 2,129
10 loginsrv 1,928
11 gologin 1,919
12 oidc 1,646
13 gorbac 1,635
14 auth 1,255
15 paseto 908
16 go-guardian 587
17 jeff 270
18 jwt-auth 234
19 httpauth 221
20 branca 173
21 otpgen 140
22 sessionup 129
23 RBAC 126

Sponsored
Deploy and host your apps and databases, now with $50 credit!
Sevalla is the PaaS you have been looking for! Advanced deployment pipelines, usage-based pricing, preview apps, templates, human support by developers, and much more!
sevalla.com

Did you know that Go is
the 4th most popular programming language
based on number of references?

Loading...