SaaSHub helps you find the best software and product alternatives Learn more β
Top 21 Go SSO Projects
-
-
casbin
An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
-
Ory Hydra
OpenID Certifiedβ’ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.
-
oauth2-proxy
A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.
-
-
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
-
cli
π§° A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc. (by smallstep)
-
S.S.Octopus
sso, aka S.S.Octopus, aka octoboi, is a single sign-on solution for securing internal services
-
pgrok
Poor man's ngrok - a multi-tenant HTTP/TCP reverse tunnel solution through SSH remote port forwarding (by pgrok)
-
-
caddy-security
π Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. π Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. π Authorization with JWT/PASETO tokens. π
-
-
WireGuard-Guide
WireGuard Guide. Learn all about WireGuard for Networking and in the Cloud (Microsoft Azure, AWS, and Google Cloud).
-
-
idp-scim-sync
Keep your AWS Single Sign-On (SSO) groups and users in sync with your Google Workspace directory
-
kc-ssh-pam
KC SSH PAM is built to streamline the process of user authentication to access Linux systems through SSH with keycloak oidc
-
go-saml
High Level API Implementation of SAML 2.0 (Currently Supported Identity Provider Implementation) Single Sign On
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
It's me and two others though I'm definitely the most active. We put a lot of effort into security best practices and one of my co-developers is currently reviewing the 4.38.0 release. It's a fairly major release with a lot of important code paths that have been improved for the future.
Our official docs can be found at https://www.authelia.com and you can find docs for a particular PR in the relevant PR. We've also linked the pre-release docs in the pre-release discussions which can be found here: https://github.com/authelia/authelia/discussions/categories/...
https://casbin.org/ (multiple approaches, multiple languages, provider) Open source authZ library that has support for many access control models (ACL, RBAC, ABAC, β¦) and many languages (Go, Java, Node.js, JS, Rust, β¦). While somewhat complex, it is also powerful and flexible. They also have their Casdoor platform, which is authN and authZ provider.
Project mention: Building a Managed Service Provider Business With Open Source | dev.to | 2024-04-04Tailscale
Project mention: Show HN: Open-source OAuth2 server Ory Hydra now 6x faster | news.ycombinator.com | 2024-02-13
Recently I looked into having a relatively simple SSO setup for my homelab. My main objective is that I could easily login with Google or GitHub auth. At my previous job I used both JetBrains Hub [1] and Keycloak but I found both of them a bit of a PITA to setup.
JetBrains Hub was really, really easy to get going. As was my previous experience with them. The only thing that annoyed me was the lack of a latest tag on their Docker registry. Don't get me wrong, pinned versions are great, but for my personal use I mostly just want to update all my Docker containers in one go.
On the other hand I found Keycloak very cumbersome to get going. It was pretty easy in dev mode, but I stumbled to get it going in production. AFAIK it had something to do with the wildcard Let's Encrypt cert that I tried to use. But after a couple of hours, I just gave up.
I finally went with Dex [2]. I had previously put it off because of the lack of documentation, but in the end it was extremely easy to setup. It just required some basic YAML, a SQLite database and a (sub)domain. I combined Dex with the excellent OAuth2 Proxy and a custom Nginx (Proxy Manager) template for an easy two line SSO configuration on all of my internal services.
In addition to this setup, I also added Cloudflare Access and WAF outside of my home to add some security. I only want to add some CrowdSec to get a little more insights.
1. https://www.jetbrains.com/hub/
2. https://dexidp.io/
3. https://github.com/oauth2-proxy/oauth2-proxy
3. https://github.com/alex3305/unraid-docker-templates
Project mention: Maintainers of Zitadel and Ory discuss their tradeoffs as identity platforms | news.ycombinator.com | 2024-03-30
Project mention: Show HN: Stack, the open-source Clerk/Firebase Auth alternative | news.ycombinator.com | 2024-04-14If you're looking for a system that has more features, is user friendly, a nice admin ui and easy deployments compared to Keycloak. Please give https://goauthentik.io/ a shot. Not affiliated in any way, just a very happy user.
It has
-an admin UI
- Supports (LDAP, SAML, OAUTH, social logins)
- MFA, Passkeys
- Application access based on user groups etc
I get what you are trying to do, but it feels a bit insecure. Why not use an OSS passwordless project like https://github.com/supertokens/supertokens-core/ or https://github.com/teamhanko/hanko
Project mention: Google will disable all but OAuth for IMAP, SMTP and POP starting Sept. 30 | news.ycombinator.com | 2024-01-18https://github.com/smallstep/cli implements some OAuth flows from the CLI, it may be helpful for you.
Project mention: I'm looking for an SSO server/reverse proxy with features I'm not sure exist | /r/selfhosted | 2023-06-23
Project mention: Caddy-Security: Security App and Plugin for Caddy | news.ycombinator.com | 2024-03-17
Project mention: Ask HN: How do you manage many profiles and credentials for cloud tooling? | news.ycombinator.com | 2023-10-03You're going to love https://granted.dev. It can be extended further, as we've done internally: https://www.duckbillgroup.com/blog/overhauling-aws-account-a...
Project mention: Seeking feedback on a project of my mine (identity management / OAuth2 / OIDC) | /r/cybersecurity | 2023-12-01
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
Go SSO related posts
- How to update Go version of tailscaled on macOS
- Keycloak SSO with Docker Compose and Nginx
- π‘οΈ4 Top Database Security Tools in 2024 ππ₯
- I have made a smalll NAS server using samba. What is the port to fwd to get to it externally
- Why You Should Migrate to OAuth 2.0 From API Keys
- Remote Printing
- SSH configuration
-
A note from our sponsor - SaaSHub
www.saashub.com | 26 Apr 2024
Index
What are some of the best open-source SSO projects in Go? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | authelia | 19,523 |
| 2 | casbin | 16,865 |
| 3 | tailscale | 16,437 |
| 4 | Ory Hydra | 15,068 |
| 5 | oauth2-proxy | 8,674 |
| 6 | zitadel | 7,050 |
| 7 | authentik | 6,762 |
| 8 | hanko | 5,409 |
| 9 | cli | 3,478 |
| 10 | S.S.Octopus | 3,059 |
| 11 | pgrok | 3,049 |
| 12 | vouch-proxy | 2,643 |
| 13 | caddy-security | 1,234 |
| 14 | granted | 888 |
| 15 | WireGuard-Guide | 353 |
| 16 | glide | 234 |
| 17 | go-scim | 142 |
| 18 | goiabada | 116 |
| 19 | idp-scim-sync | 89 |
| 20 | kc-ssh-pam | 52 |
| 21 | go-saml | 12 |
Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com