The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 23 Go Authentication and OAuth Projects
-
casbin
An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN
https://casbin.org/ (multiple approaches, multiple languages, provider) Open source authZ library that has support for many access control models (ACL, RBAC, ABAC, …) and many languages (Go, Java, Node.js, JS, Rust, …). While somewhat complex, it is also powerful and flexible. They also have their Casdoor platform, which is authN and authZ provider.
-
Project mention: How to Authenticate a CLI Using OAuth and GitHub in Golang | /r/golang | 2023-03-22
The guide covers setting up GitHub, using the golang.org/x/oauth2 package, and handling OAuth authentication. The code snippets are easy to follow and can be modified to fit your project's needs.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
goth
Package goth provides a simple, clean, and idiomatic way to write authentication packages for Go web applications.
Also really easy to implement as there are libraries that do all the heavy lifting for you (https://github.com/markbates/goth is a great starting place IMHO)
-
Ory Keto
Open Source (Go) implementation of "Zanzibar: Google's Consistent, Global Authorization System". Ships gRPC, REST APIs, newSQL, and an easy and granular permission language. Supports ACL, RBAC, and other access models.
Project mention: Show HN: Blueprint for a distributed multi-region IAM with Go and CockroachDB | news.ycombinator.com | 2023-08-08One of Ory’s core competencies is permissions. We built the first Google Zanzibar implementation in the world and it’s part of Ory Network‘s global multi-region platform (https://github.com/ory/keto)
A push model is also valid if you’re heavy on policies and can accept eventual consistency. We will investigate how to generally push things to the edge (like we did with Ory Edge Sessions) or to cryptographic verification wherever staleness is acceptable.
By solving the primitives correctly in the beginning (with a multi region architecture) that job does become a lot easier, which is what we decided doing at Ory :)
-
is authboss here the best option or there is a better one?
-
-
loginsrv
JWT login microservice with plugable backends such as OAuth2, Google, Github, htpasswd, osiam, ..
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
Project mention: Authentication system using Golang and Sveltekit - Login and Logout | dev.to | 2023-06-04
Although there are pretty good session managers in the Go ecosystem such as alexedwards/scs, golangcollege/session and gorilla/sessions, we won't use any but using this great guide, we'll write our own. This is to keep our project's dependence on external packages at the barest minimum.
-
I made a custom OIDC provider for integ tests using https://github.com/lestrrat-go/jwx, and a server than served out a .well-known/openid-configuration file and a jwks.json referenced by the openid-configuration.
-
Project mention: gologin VS lalicat - a user suggested alternative | libhunt.com/r/gologin | 2023-05-10
-
-
oidc
Easy to use OpenID Connect client and server library written for Go and certified by the OpenID Foundation
Project mention: Easy to use OpenID Connect client and server library written for Go | /r/hackernews | 2023-12-04 -
-
-
go-guardian
Go-Guardian is a golang library that provides a simple, clean, and idiomatic way to create powerful modern API and web authentication.
-
permissions2
:closed_lock_with_key: Middleware for keeping track of users, login states and permissions
-
-
jwt-auth
This package provides json web token (jwt) middleware for goLang http servers (by adam-hanna)
-
-
-
-
-
yubigo
Yubigo is a Yubikey client API library that provides an easy way to integrate the Yubico Yubikey into your existing Go-based user authentication infrastructure.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Go Authentication and OAuth related posts
- Show HN: Blueprint for a distributed multi-region IAM with Go and CockroachDB
- Show HN: Open-source IAM Ory Kratos v1.0 with Passkeys, MFA and multi-region
- how to design database for Access Control Privileges ?
- Understanding Google Zanzibar and Why Shines at Building Permissions
- A Go project with AWS (SNS, SQS, Lambda)
- Best package for user mangement
- Authentication system using Golang and Sveltekit - Login and Logout
-
A note from our sponsor - WorkOS
workos.com | 19 Mar 2024
Index
What are some of the best open-source Authentication and OAuth projects in Go? This list will help you:
Project | Stars | |
---|---|---|
1 | casbin | 16,656 |
2 | oauth2 | 5,091 |
3 | goth | 4,825 |
4 | Ory Keto | 4,547 |
5 | authboss | 3,616 |
6 | go-oauth2-server | 2,087 |
7 | loginsrv | 1,909 |
8 | scs | 1,871 |
9 | jwx | 1,768 |
10 | gologin | 1,753 |
11 | gorbac | 1,542 |
12 | oidc | 1,143 |
13 | auth | 891 |
14 | paseto | 788 |
15 | go-guardian | 520 |
16 | permissions2 | 500 |
17 | jeff | 260 |
18 | jwt-auth | 231 |
19 | httpauth | 219 |
20 | branca | 171 |
21 | webauthn | 165 |
22 | otpgen | 133 |
23 | yubigo | 125 |