Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 23 Go Authorization Projects
-
casbin
An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN
https://casbin.org/ (multiple approaches, multiple languages, provider) Open source authZ library that has support for many access control models (ACL, RBAC, ABAC, …) and many languages (Go, Java, Node.js, JS, Rust, …). While somewhat complex, it is also powerful and flexible. They also have their Casdoor platform, which is authN and authZ provider.
-
Ory Hydra
OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.
Project mention: Show HN: Open-source OAuth2 server Ory Hydra now 6x faster | news.ycombinator.com | 2024-02-13 -
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
How can we handle this? Are there any mechanisms to prevent or at least to some extent safeguard this kind of issues without falling back to a manual workflow? There is. One huge advantage of sticking to (de-facto) standards like Terraform is that first we are probably not the first ones to come up with this question and second there is a huge ecosystem around Terraform that might help us with such challenges. And for this specific scenario the solution is the Open Policy Agent. Let us take a closer look how the solution could look like.
-
Project mention: Maintainers of Zitadel and Ory discuss their tradeoffs as identity platforms | news.ycombinator.com | 2024-03-30
-
-
Ory Oathkeeper
A cloud native Identity & Access Proxy / API (IAP) and Access Control Decision API that authenticates, authorizes, and mutates incoming HTTP(s) requests. Inspired by the BeyondCorp / Zero Trust white paper. Written in Go.
-
cerbos
Cerbos is the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and manage by writing context-aware access control policies for your application resources.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
However, in this piece we're focusing on the PBAC model also known as Policy-Based Access Control and how it differentiates itself these from traditional access control models in terms of scalability, flexibility and security.
-
You can take a look to https://github.com/ory/fosite
-
openfga
A high performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar
This feels very much like OpenFGA[0]. I've been evaluating authorization tool for one of my side projects and honestly most tools feels like creating relationships in a graph-like database and querying to see if there is/isn't relationship between two entities. Is there more to this (besides the implementation details) or am I missing something from these tools?
-
rbac-manager
A Kubernetes operator that simplifies the management of Role Bindings and Service Accounts.
-
authorizer
Your data, your control. Fully open source, authentication and authorization. No lock-ins. Deployment in Railway in 120 seconds || Spin a docker image as a micro-service in your infra. Built in login page and Admin panel out of the box.
Project mention: Authorizer, an open source authentication and authorization solution | news.ycombinator.com | 2023-09-12 -
-
caddy-security
🔐 Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. 💎 Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. 💎 Authorization with JWT/PASETO tokens. 🔐
Project mention: Caddy-Security: Security App and Plugin for Caddy | news.ycombinator.com | 2024-03-17 -
Supabase Auth now supports anonymous sign-ins, one of our most-requested features by the community.
-
-
warrant
Warrant is a highly scalable, centralized authorization service based on Google Zanzibar, used for defining, querying, and auditing application authorization models and access control rules.
Project mention: A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev | dev.to | 2024-02-05Warrant — Hosted enterprise-grade authorization and access control service for your apps. The free tier includes 1 million monthly API requests and 1,000 authz rules.
-
OPA is a great tool for implementing a policy-as-code system. But if you're trying to use it for application authorization (e.g. fine-grained authz for B2B SaaS or a set of internal applications), you may find that its policy story is strong, but it doesn't really have a "data plane": you either store data in a data.json file and rebuild the policy any time that data changes, or make an http.send call out of the policy to fetch dynamic data.
Check out Topaz [0], which uses OPA as its decision engine, but adds a data plane that is based on the ReBAC ideas explored in the Google Zanzibar [1] paper.
Disclaimer: I work on the team [2] that builds and maintains the Topaz project.
[1] https://research.google/pubs/zanzibar-googles-consistent-glo...
-
rbac-tool
Rapid7 | insightCloudSec | Kubernetes RBAC Power Toys - Visualize, Analyze, Generate & Query
-
rbac-lookup
Easily find roles and cluster roles attached to any user, service account, or group name in your Kubernetes cluster
-
Check auth plugin for more complex use cases.
-
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Go Authorization related posts
- Policy-Based Access Control (PBAC): A Comprehensive Overview
- Show HN: AI assistant powered by Groq to generate authorization models
- Maintainers of Zitadel and Ory discuss their tradeoffs as identity platforms
- Caddy-Security: Security App and Plugin for Caddy
- Open Policy Agent
- Show HN: Auth0 OSS alternative Ory Kratos now with passwordless and SMS support
- Show HN: Open-source OAuth2 server Ory Hydra now 6x faster
-
A note from our sponsor - InfluxDB
www.influxdata.com | 18 Apr 2024
Index
What are some of the best open-source Authorization projects in Go? This list will help you:
Project | Stars | |
---|---|---|
1 | casbin | 16,791 |
2 | Ory Hydra | 15,043 |
3 | OPA (Open Policy Agent) | 9,104 |
4 | zitadel | 6,906 |
5 | authentik | 6,591 |
6 | Ory Oathkeeper | 3,158 |
7 | cerbos | 2,476 |
8 | permify | 2,435 |
9 | fosite | 2,245 |
10 | openfga | 2,208 |
11 | rbac-manager | 1,401 |
12 | authorizer | 1,374 |
13 | rakkess | 1,257 |
14 | caddy-security | 1,214 |
15 | auth | 1,155 |
16 | audit2rbac | 1,038 |
17 | warrant | 968 |
18 | topaz | 966 |
19 | rbac-tool | 866 |
20 | rbac-lookup | 832 |
21 | mosquitto-go-auth | 480 |
22 | opa-envoy-plugin | 304 |
23 | casbin-server | 295 |