SaaSHub helps you find the best software and product alternatives Learn more →
Top 23 Authentication Open-Source Projects
-
FROM alpine:3.21 ARG PB_VERSION=0.36.6 RUN apk add --no-cache ca-certificates wget unzip \ && wget -q "https://github.com/pocketbase/pocketbase/releases/download/v${PB_VERSION}/pocketbase_${PB_VERSION}_linux_amd64.zip" \ -O /tmp/pb.zip \ && unzip /tmp/pb.zip -d /usr/local/bin/ \ && rm /tmp/pb.zip \ && chmod +x /usr/local/bin/pocketbase EXPOSE 8090 CMD ["pocketbase", "serve", "--http=0.0.0.0:8090", "--dir=/pb_data"]
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
There’s been a noticeable shift in how authentication is approached in modern apps. Tools like Better Auth have pushed toward a model that is both developer-friendly and production-aware, with a strong emphasis on correctness, extensibility, and sensible defaults.
-
Project mention: What the React 2025 Vulnerability Taught Me About Solo Dev Security | dev.to | 2025-12-18
I use libraries for authentication rather than building it myself. For Memoreru, I chose Better Auth. Auth.js is also an option.
-
-
View on GitHub
-
-
Stars: 14.8k | Language: Python GitHub: https://github.com/goauthentik/authentik
-
Self-Hosting-Guide
Self-Hosting Guide. Learn all about locally hosting (on premises & private web servers) and managing software applications by yourself or your organization. Including Cloud, LLMs, WireGuard, Automation, Home Assistant, and Networking.
"Self-Hosting Guide" - GitHub repository by mikeroyal documenting self-hosted alternatives to cloud services. Available at: https://github.com/mikeroyal/Self-Hosting-Guide
-
casbin
Apache Casbin: an authorization library that supports access control models like ACL, RBAC, ABAC.
Worth mentioning Casbin as well (https://github.com/casbin/casbin) - it's been around for a while and takes a slightly different approach. Instead of being purely Zanzibar-inspired, it uses a PERM (Policy, Effect, Request, Matchers) metamodel that lets you implement RBAC, ABAC, or ReBAC depending on what fits your use case.
-
Project mention: I Tested 7 Open Source Clerk Alternatives for Full-Stack Developers | dev.to | 2025-11-26
SuperTokens is different. It's built like building blocks.
-
open-saas
A 100% free modern JS SaaS boilerplate (React, NodeJS, Prisma). Full-featured: Auth (email, google, github, slack, MS), Email sending, Background jobs, Landing page, Payments (Stripe, Polar.sh), Shadcn UI, S3 file upload. AI-ready with tailored AGENTS.md, skills, and Claude Code plugin. One cmd deploy. Powered by Wasp full-stack framework.
Phase 3 — A real SaaS. Build on Open SaaS, a free $300-value SaaS template the Wasp team maintains. Auth, payments, an admin dashboard, file uploads, AI integrations, deploy, and more.
-
Project mention: Zitadel Has a Free API: Self-Hosted Identity and Auth That Replaces Auth0 | dev.to | 2026-03-28
Zitadel is an open-source identity management platform — a self-hosted alternative to Auth0, Okta, and Firebase Auth. It provides authentication, authorization, and user management with a comprehensive API.
-
logto
🧑🚀 Authentication and authorization infrastructure for SaaS and AI apps, built on OIDC and OAuth 2.1 with multi-tenancy, SSO, and RBAC.
Project mention: Getting CLI authentication right: the complete guide to all 5 methods | dev.to | 2026-04-06On the auth provider side, the demand is clearly growing. Logto just shipped OAuth 2.0 Device Authorization Grant support for native apps in v1.38.0 (open source) and Logto Cloud, so you can now enable device flow as the authorization method for any native application. This matters if you're building a CLI. Implementing RFC 8628 correctly (code expiry, rate limiting, polling logic, the sign-in UX on the verification page) is more work than most teams expect, and having your auth provider handle it means you just need to make the right HTTP calls.
-
FastAPI MCP - Expose your FastAPI endpoints as MCP tools with auth. 🆓 🔑
-
-
Project mention: CAS Internals – 825 pages on how a 400-module Spring Boot app works | news.ycombinator.com | 2026-03-27
I've been a committer on Apereo CAS (https://github.com/apereo/cas) since the 3.0 days. It's an open-source SSO/identity platform - 400+ modules, Spring Boot 3.x, Java 21+. Deployed at thousands of universities, government agencies, and enterprises.
I wrote a book that walks through how the whole thing works internally - not configuration, but actual code paths. 30 chapters, 825 pages. The Spring Boot bootstrap sequence, the authentication pipeline, Webflow state machines, ticket registry internals, SAML2/OAuth2/OIDC protocol engines.
-
InsForge
The all-in-one, open-source backend platform for agentic coding. InsForge gives your coding agent database, auth, storage, compute, hosting, and AI gateway to ship full-stack apps end-to-end.
Project mention: Show HN: InsForge – Open-source Heroku for AI coding agents | news.ycombinator.com | 2026-05-18We're open source so you can self host: https://github.com/InsForge/InsForge
-
django-allauth
Integrated set of Django applications addressing authentication, registration, account management as well as 3rd party (social) account authentication. 🔁 Mirror of https://codeberg.org/allauth/django-allauth/
-
We built Constellation — an open-source GraphQL engine written in Go that is a near drop-in replacement for Hasura Community Edition. It reads the same metadata, generates the same schema, and serves the same GraphQL API. In production it uses ~90% less memory than Hasura with comparable or better latency, before any dedicated performance work.
-
hanko
Modern authentication, on your terms. Open source alternative to Auth0, Clerk, WorkOS, Stytch.
Project mention: Hanko: The Open-Source Authentication Revolution You Need to See! | dev.to | 2025-07-12View the Project on GitHub
-
git-credential-manager
Secure, cross-platform Git credential storage with authentication to GitHub, Azure Repos, and other popular Git hosting services.
Git GCM – A Git helper utility that manages authentication between Git and third-party repository hosts like GitHub.
-
nebular
:boom: Customizable Angular UI Library based on Eva Design System :new_moon_with_face::sparkles:Dark Mode
-
Omniauthable: adds OmniAuth (https://github.com/omniauth/omniauth) support.
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
Authentication discussion
Authentication related posts
-
I rebuilt 3 dev tools so they stop uploading your data
-
We Built an Open-Source GraphQL Engine to Replace Hasura
-
AWS Just Defined AgentOps. Here's What Amazon Bedrock AgentCore Actually Changes About Running Agents in Production.
-
Amazon Bedrock AgentCore Gateway Just Became the Enterprise MCP Infrastructure Layer. Here's What Actually Changed.
-
Show HN: Constellation is an open-source Hasura-compatible GraphQL engine in Go
-
An AI agent that pays for its own API calls on AWS
-
I will continue using Devise with Rails 8!
-
A note from our sponsor - SaaSHub
www.saashub.com | 7 Jun 2026
Index
What are some of the best open-source Authentication projects? This list will help you:
| # | Project | Stars |
|---|---|---|
| 1 | pocketbase | 58,921 |
| 2 | better-auth | 28,584 |
| 3 | next-auth | 28,269 |
| 4 | authelia | 27,974 |
| 5 | Devise | 24,354 |
| 6 | Passport | 23,533 |
| 7 | authentik | 21,844 |
| 8 | Self-Hosting-Guide | 20,182 |
| 9 | casbin | 20,172 |
| 10 | SuperTokens Community | 15,080 |
| 11 | open-saas | 14,620 |
| 12 | zitadel | 13,954 |
| 13 | logto | 12,114 |
| 14 | fastapi_mcp | 11,895 |
| 15 | jwt-auth | 11,481 |
| 16 | cas | 11,336 |
| 17 | InsForge | 10,860 |
| 18 | django-allauth | 10,343 |
| 19 | nhost | 9,177 |
| 20 | hanko | 8,944 |
| 21 | git-credential-manager | 8,930 |
| 22 | nebular | 8,125 |
| 23 | OmniAuth | 8,079 |
Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com