SaaSHub helps you find the best software and product alternatives Learn more ā
Top 23 Oidc Open-Source Projects
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
casbin
An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN
-
Ory Hydra
OpenID Certifiedā¢ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
authlib
The ultimate Python library in building OAuth, OpenID Connect clients and servers. JWS,JWE,JWK,JWA,JWT included.
-
pgrok
Poor man's ngrok - a multi-tenant HTTP/TCP reverse tunnel solution through SSH remote port forwarding (by pgrok)
-
node-openid-client
OpenID Certifiedā¢ Relying Party (OpenID Connect/OAuth 2.0 Client) implementation for Node.js.
-
jackson
š„ Streamline your web application's authentication with Jackson, an SSO service supporting SAML and OpenID Connect protocols. Beyond enterprise-grade Single Sign-On, it also supports Directory Sync via the SCIM 2.0 protocol for automatic user and group provisioning/de-provisioning. š¤© (by boxyhq)
-
IdentityServer
The most flexible and standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core
-
oidc
Easy to use OpenID Connect client and server library written for Go and certified by the OpenID Foundation
-
oidc-client-ts
OpenID Connect (OIDC) and OAuth2 protocol support for browser-based JavaScript applications
-
angular-auth-oidc-client
npm package for OpenID Connect, OAuth Code Flow with PKCE, Refresh tokens, Implicit Flow
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Project mention: Deploy Full-Stack Next.js T3App with Cognito and Prisma using AWS Lambda | dev.to | 2024-04-15NextAuth.js is not perfect. One of the shortcomings is that it currently does not implement federated logout. This means that even if a user signs out of the Next.js app, he does NOT get signed out of the Cognito user pool client. As a consequence, the user is not really being logged out (i.e he is able to login again without providing the credentials). You can read more about this problem in this Github thread.
In this article we'll be using Keycloak to secure a Vue.js Web application. We're going to leverage oidc-client-ts to integrate OIDC authentication with the Vue app. The oidc-client-ts package is a well-maintained and used library. It provides a lot of utilities for building out a fully production app.
https://casbin.org/ (multiple approaches, multiple languages, provider) Open source authZ library that has support for many access control models (ACL, RBAC, ABAC, ā¦) and many languages (Go, Java, Node.js, JS, Rust, ā¦). While somewhat complex, it is also powerful and flexible. They also have their Casdoor platform, which is authN and authZ provider.
Project mention: Show HN: Open-source OAuth2 server Ory Hydra now 6x faster | news.ycombinator.com | 2024-02-13
Project mention: Navigating Identity Authentication: From LDAP to Modern Protocols | dev.to | 2024-03-28Dex: https://dexidp.io
Project mention: Maintainers of Zitadel and Ory discuss their tradeoffs as identity platforms | news.ycombinator.com | 2024-03-30
Project mention: Show HN: Stack, the open-source Clerk/Firebase Auth alternative | news.ycombinator.com | 2024-04-14If you're looking for a system that has more features, is user friendly, a nice admin ui and easy deployments compared to Keycloak. Please give https://goauthentik.io/ a shot. Not affiliated in any way, just a very happy user.
It has
-an admin UI
- Supports (LDAP, SAML, OAUTH, social logins)
- MFA, Passkeys
- Application access based on user groups etc
I don't have a direct answer for your questions but do suggest the canonical OAuth 2.0 implementation may be helpful for your learning too. LMK your thoughts. ā https://github.com/panva/node-oidc-provider
Check this: https://github.com/kanidm/kanidm/ Maybe not production ready, but looks very promising
I made a custom OIDC provider for integ tests using https://github.com/lestrrat-go/jwx, and a server than served out a .well-known/openid-configuration file and a jwks.json referenced by the openid-configuration.
Project mention: Building a Managed Service Provider Business With Open Source | dev.to | 2024-04-04BoxyHQ SAML Jackson - GitHub
Authenticating with Kyma is a (in my opinion) unnecessary challenge as it leverages the OIDC-login plugin for kubectl. You find a description of the setup here. This works fine when on a Mac but can give you some headaches on a Windows and on Linux machine especially when combined with restrictive setups in corporate environments. For Windows I can only recommend installing krew via chocolatey and then install the OIDC plugin via kubectl krew install oidc-login. At least for me that was the only way to get this working on Windows.
Project mention: Recommendations for a better way to grant access in K8s on a granular level? | /r/kubernetes | 2023-09-05Check out https://infrahq.com. I saw the founder give a talk at the Civo conference in Feb.
Its deprecated in favor of Duende Identityserver which introduced a license model.
Project mention: Easy to use OpenID Connect client and server library written for Go | /r/hackernews | 2023-12-04
Project mention: I can't persuade our lead software architecture that this is not going to work | /r/learnjavascript | 2023-06-27
I did something similar, though picked Apache with mod_auth_openidc, which is a certified Relying Party implementation: https://github.com/OpenIDC/mod_auth_openidc
In other words, I can protect arbitrary applications through my reverse proxy and require either certain claims/roles, or simplify auth to the point where my downstream app/API will just receive a bunch of headers like OIDC_CLAIM_sub, OIDC_CLAIM_name, OIDC_CLAIM_email through the internal network, not making me bother with configuring OIDC libraries for all of my APIs and configure them in each stack that I might use, but rather contain all of that complexity in the web server.
Basically:
user <==> Apache (with mod_auth_openidc) <==> API (with OIDC_ headers, if logged in)
Oidc related posts
- Learn OAuth by building a client with Node.js
- Securing Vue Apps with Keycloak
- User Management and Identity Brokering for On-Prem Apps with Keycloak
- Satosa: Proxy translating between different authentication protocols
- Maintainers of Zitadel and Ory discuss their tradeoffs as identity platforms
- Navigating Identity Authentication: From LDAP to Modern Protocols
- Ask HN: No-code, simple-setup user management
-
A note from our sponsor - SaaSHub
www.saashub.com | 25 Apr 2024
Index
What are some of the best open-source Oidc projects? This list will help you:
Project | Stars | |
---|---|---|
1 | next-auth | 22,158 |
2 | Keycloak | 19,857 |
3 | casbin | 16,865 |
4 | Ory Hydra | 15,068 |
5 | dex | 9,025 |
6 | zitadel | 7,050 |
7 | authentik | 6,685 |
8 | authlib | 4,262 |
9 | pgrok | 3,049 |
10 | node-oidc-provider | 3,016 |
11 | OAuthLib | 2,740 |
12 | kanidm | 2,097 |
13 | jwx | 1,786 |
14 | node-openid-client | 1,723 |
15 | jackson | 1,571 |
16 | uaa | 1,549 |
17 | kubelogin | 1,511 |
18 | infra | 1,350 |
19 | IdentityServer | 1,327 |
20 | oidc | 1,189 |
21 | oidc-client-ts | 1,183 |
22 | angular-auth-oidc-client | 1,097 |
23 | OpenID | 947 |
Sponsored