SaaSHub helps you find the best software and product alternatives Learn more β
Top 21 Go SSO Projects
-
casbin
An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
Ory Hydra
OpenID Certifiedβ’ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.
-
oauth2-proxy
A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
cli
π§° A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc. (by smallstep)
-
S.S.Octopus
sso, aka S.S.Octopus, aka octoboi, is a single sign-on solution for securing internal services
-
pgrok
Poor man's ngrok - a multi-tenant HTTP/TCP reverse tunnel solution through SSH remote port forwarding (by pgrok)
-
caddy-security
π Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. π Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. π Authorization with JWT/PASETO tokens. π
-
WireGuard-Guide
WireGuard Guide. Learn all about WireGuard for Networking and in the Cloud (Microsoft Azure, AWS, and Google Cloud).
-
idp-scim-sync
Keep your AWS Single Sign-On (SSO) groups and users in sync with your Google Workspace directory
-
kc-ssh-pam
KC SSH PAM is built to streamline the process of user authentication to access Linux systems through SSH with keycloak oidc
-
go-saml
High Level API Implementation of SAML 2.0 (Currently Supported Identity Provider Implementation) Single Sign On
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
It's me and two others though I'm definitely the most active. We put a lot of effort into security best practices and one of my co-developers is currently reviewing the 4.38.0 release. It's a fairly major release with a lot of important code paths that have been improved for the future.
Our official docs can be found at https://www.authelia.com and you can find docs for a particular PR in the relevant PR. We've also linked the pre-release docs in the pre-release discussions which can be found here: https://github.com/authelia/authelia/discussions/categories/...
https://casbin.org/ (multiple approaches, multiple languages, provider) Open source authZ library that has support for many access control models (ACL, RBAC, ABAC, β¦) and many languages (Go, Java, Node.js, JS, Rust, β¦). While somewhat complex, it is also powerful and flexible. They also have their Casdoor platform, which is authN and authZ provider.
Project mention: Building a Managed Service Provider Business With Open Source | dev.to | 2024-04-04Tailscale
Project mention: Show HN: Open-source OAuth2 server Ory Hydra now 6x faster | news.ycombinator.com | 2024-02-13
Recently I looked into having a relatively simple SSO setup for my homelab. My main objective is that I could easily login with Google or GitHub auth. At my previous job I used both JetBrains Hub [1] and Keycloak but I found both of them a bit of a PITA to setup.
JetBrains Hub was really, really easy to get going. As was my previous experience with them. The only thing that annoyed me was the lack of a latest tag on their Docker registry. Don't get me wrong, pinned versions are great, but for my personal use I mostly just want to update all my Docker containers in one go.
On the other hand I found Keycloak very cumbersome to get going. It was pretty easy in dev mode, but I stumbled to get it going in production. AFAIK it had something to do with the wildcard Let's Encrypt cert that I tried to use. But after a couple of hours, I just gave up.
I finally went with Dex [2]. I had previously put it off because of the lack of documentation, but in the end it was extremely easy to setup. It just required some basic YAML, a SQLite database and a (sub)domain. I combined Dex with the excellent OAuth2 Proxy and a custom Nginx (Proxy Manager) template for an easy two line SSO configuration on all of my internal services.
In addition to this setup, I also added Cloudflare Access and WAF outside of my home to add some security. I only want to add some CrowdSec to get a little more insights.
1. https://www.jetbrains.com/hub/
2. https://dexidp.io/
3. https://github.com/oauth2-proxy/oauth2-proxy
3. https://github.com/alex3305/unraid-docker-templates
Project mention: Maintainers of Zitadel and Ory discuss their tradeoffs as identity platforms | news.ycombinator.com | 2024-03-30
Project mention: Show HN: Stack, the open-source Clerk/Firebase Auth alternative | news.ycombinator.com | 2024-04-14If you're looking for a system that has more features, is user friendly, a nice admin ui and easy deployments compared to Keycloak. Please give https://goauthentik.io/ a shot. Not affiliated in any way, just a very happy user.
It has
-an admin UI
- Supports (LDAP, SAML, OAUTH, social logins)
- MFA, Passkeys
- Application access based on user groups etc
I get what you are trying to do, but it feels a bit insecure. Why not use an OSS passwordless project like https://github.com/supertokens/supertokens-core/ or https://github.com/teamhanko/hanko
Project mention: Google will disable all but OAuth for IMAP, SMTP and POP starting Sept. 30 | news.ycombinator.com | 2024-01-18https://github.com/smallstep/cli implements some OAuth flows from the CLI, it may be helpful for you.
Project mention: I'm looking for an SSO server/reverse proxy with features I'm not sure exist | /r/selfhosted | 2023-06-23
Project mention: Caddy-Security: Security App and Plugin for Caddy | news.ycombinator.com | 2024-03-17
Project mention: Ask HN: How do you manage many profiles and credentials for cloud tooling? | news.ycombinator.com | 2023-10-03You're going to love https://granted.dev. It can be extended further, as we've done internally: https://www.duckbillgroup.com/blog/overhauling-aws-account-a...
Project mention: Seeking feedback on a project of my mine (identity management / OAuth2 / OIDC) | /r/cybersecurity | 2023-12-01
Go SSO related posts
- How to update Go version of tailscaled on macOS
- Keycloak SSO with Docker Compose and Nginx
- π‘οΈ4 Top Database Security Tools in 2024 ππ₯
- I have made a smalll NAS server using samba. What is the port to fwd to get to it externally
- Why You Should Migrate to OAuth 2.0 From API Keys
- Remote Printing
- SSH configuration
-
A note from our sponsor - SaaSHub
www.saashub.com | 26 Apr 2024
Index
What are some of the best open-source SSO projects in Go? This list will help you:
Project | Stars | |
---|---|---|
1 | authelia | 19,523 |
2 | casbin | 16,865 |
3 | tailscale | 16,437 |
4 | Ory Hydra | 15,068 |
5 | oauth2-proxy | 8,674 |
6 | zitadel | 7,050 |
7 | authentik | 6,762 |
8 | hanko | 5,409 |
9 | cli | 3,478 |
10 | S.S.Octopus | 3,059 |
11 | pgrok | 3,049 |
12 | vouch-proxy | 2,643 |
13 | caddy-security | 1,234 |
14 | granted | 888 |
15 | WireGuard-Guide | 353 |
16 | glide | 234 |
17 | go-scim | 142 |
18 | goiabada | 116 |
19 | idp-scim-sync | 89 |
20 | kc-ssh-pam | 52 |
21 | go-saml | 12 |
Sponsored