SaaSHub helps you find the best software and product alternatives Learn more →
Top 23 Go SSO Projects
-
Project mention: Authelia: The Single Sign-On Multi-Factor portal for web apps | news.ycombinator.com | 2024-07-11
-
CodeRabbit
CodeRabbit: AI Code Reviews for Developers. Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.
-
Project mention: ZeroTier – home VPN without a public IP address | news.ycombinator.com | 2025-02-09
Hmm, yes, I think you’re right. Tailscale does handle the connection here, not Wireguard.
I’ve digged into it a bit and I believe it first connects over a relay, then the devices try to find a more optimal route. So for LAN, they would exchange their local IPs and try to connect over those. If they are indeed on the same LAN, they connect directly: https://tailscale.com/kb/1257/connection-types
This is not without issues, however: https://github.com/tailscale/tailscale/issues/7206
-
casbin
An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN
-
Ory Hydra
The most scalable and customizable OpenID Certified™ OpenID Connect and OAuth Provider on the market. Become an OpenID Connect and OAuth2 Provider over night. Broad support for related RFCs. Written in Go, cloud native, headless, API-first. Available as a service on Ory Network and for self-hosters.
Project mention: Show HN: Graceful token refresh for open source OAuth2 Server Ory Hydra | news.ycombinator.com | 2025-01-21 -
Project mention: Red Hat to contribute container tech (Podman, bootc, ComposeFS, etc.) to CNCF | news.ycombinator.com | 2024-11-14
-
oauth2-proxy
A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.
-
Project mention: OpenAUTH: Universal, standards-based auth provider | news.ycombinator.com | 2024-12-17
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
hanko
The Complete Authentication and User Management Solution for the Passkey Era. Open Source Alternative to Clerk, Auth0, et al.
Project mention: My Journey with the OSS.GG Hackathon: A Fulfilling Open Source Experience | dev.to | 2024-10-28Participating in the OSS.GG hackathon has been an exciting and enriching experience. Engaging with projects from multiple partners like Dub, Formbricks, Hanko, OpenBB, Papermark, Twenty, and Unkey offered me the opportunity to explore the vast landscape of open source. Through this hackathon, I didn’t just contribute to code; I also got hands-on experience in non-code contributions, which opened up new avenues for collaboration and learning.
-
cli
🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc. (by smallstep)
-
pgrok
Poor man's ngrok - a multi-tenant HTTP/TCP reverse tunnel solution through SSH remote port forwarding
You can do Google/Microsoft/Apple OAuth is pretty much the same amount of code. E.g.: https://github.com/pgrok/pgrok/blob/dda32d9accfb46ab41f59cae...
What else do you need?
-
S.S.Octopus
sso, aka S.S.Octopus, aka octoboi, is a single sign-on solution for securing internal services
-
Project mention: Ask HN: How would you implement auth for a self hosted product? | news.ycombinator.com | 2024-06-18
I'd make it a pluggable middleware with a document on how to implement your own and provide a reference configuration that uses something like Vouch [0] which will redirect the user to another identity provider.
You could also provide another implementation that implements Cloudflare's zero trust authentication [1].
[0] https://github.com/vouch/vouch-proxy
[1] https://developers.cloudflare.com/cloudflare-one/identity/au...
In other words, I don't think I'd want to actually take responsibility for authentication these days and use an authenticating proxy. The less security infrastructure you have, the less there is to go out of date.
You can always start with this approach and then implement your own built-in user directory later.
-
caddy-security
🔐 Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. 💎 Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. 💎 Authorization with JWT/PASETO tokens. 🔐
Project mention: Caddy-Security: Security App and Plugin for Caddy | news.ycombinator.com | 2024-03-17 -
-
WireGuard-Guide
WireGuard Guide. Learn all about WireGuard for Networking and in the Cloud (Microsoft Azure, AWS, and Google Cloud).
-
-
-
idp-scim-sync
Keep your AWS Single Sign-On (SSO) groups and users in sync with your Google Workspace directory
-
Project mention: Launch HN: Stack Auth (YC S24) – An Open-Source Auth0/Clerk Alternative | news.ycombinator.com | 2024-08-08
Congrats for the launch! We also launched an open sources (Apache 2 licensed) auth0 alternatives with paid hosting / enterprise support as revenue few years ago. Glad to see more efforts to help make software more secure for consumers!
https://github.com/authgear/authgear-server
-
kc-ssh-pam
KC SSH PAM is built to streamline the process of user authentication to access Linux systems through SSH with keycloak oidc
-
go-saml
High Level API Implementation of SAML 2.0 (Currently Supported Identity Provider Implementation) Single Sign On
-
Project mention: Show HN: AWS-SSO-Google – Acquire AWS STS Credentials via Google Workspace SAML | news.ycombinator.com | 2024-10-11
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Go SSO discussion
Go SSO related posts
-
ZeroTier – home VPN without a public IP address
-
3 Best Ngrok Alternatives
-
Install Tailscale With Ansible
-
Dynamic DNS sync with Cloudflare
-
Creating a Scroll Grid
-
Windows Kills SMB Speeds When Using Tailscale
-
Tell HN: Tailscale is giving 451s within Russia
-
A note from our sponsor - SaaSHub
www.saashub.com | 10 Feb 2025
Index
What are some of the best open-source SSO projects in Go? This list will help you:
# | Project | Stars |
---|---|---|
1 | authelia | 22,762 |
2 | tailscale | 20,860 |
3 | casbin | 18,138 |
4 | Ory Hydra | 15,824 |
5 | authentik | 14,824 |
6 | oauth2-proxy | 10,411 |
7 | zitadel | 9,581 |
8 | hanko | 7,522 |
9 | cli | 3,755 |
10 | pgrok | 3,246 |
11 | S.S.Octopus | 3,099 |
12 | vouch-proxy | 2,982 |
13 | caddy-security | 1,592 |
14 | granted | 1,206 |
15 | WireGuard-Guide | 506 |
16 | go-scim | 146 |
17 | goiabada | 142 |
18 | idp-scim-sync | 93 |
19 | authgear-server | 86 |
20 | kc-ssh-pam | 85 |
21 | go-saml | 11 |
22 | aws-sso-google | 2 |
23 | gpn | 0 |