Identity

Top 23 Identity Open-Source Projects

  • awesome-falsehood

    😱 Falsehoods Programmers Believe in

    Project mention: Ask HN: Did you encounter any Leap Year bugs today? How bad was it? | news.ycombinator.com | 2024-02-29

    Billing. It always has to be the billing. For a list of all other edge cases, you have: https://github.com/kdeldycke/awesome-falsehood#readme

  • casbin

    An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN

    Project mention: A guide to Auth & Access Control in web apps 🔐 | dev.to | 2023-11-07

    https://casbin.org/ (multiple approaches, multiple languages, provider) Open source authZ library that has support for many access control models (ACL, RBAC, ABAC, …) and many languages (Go, Java, Node.js, JS, Rust, …). While somewhat complex, it is also powerful and flexible. They also have their Casdoor platform, which is authN and authZ provider.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  • Ory Hydra

    OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.

    Project mention: Show HN: Open-source OAuth2 server Ory Hydra now 6x faster | news.ycombinator.com | 2024-02-13
  • Ory Kratos

    Next-gen identity server replacing your Auth0, Okta, Firebase with hardened security and PassKeys, SMS, OIDC, Social Sign In, MFA, FIDO, TOTP and OTP, WebAuthn, passwordless and much more. Golang, headless, API-first. Available as a worry-free SaaS with the fairest pricing on the market! (by ory)

    Project mention: Show HN: Auth0 OSS alternative Ory Kratos now with passwordless and SMS support | news.ycombinator.com | 2024-02-22
  • logto

    🧑‍🚀 The better identity infrastructure for developers and the open-source alternative to Auth0.

    Project mention: Logto v1.12.0 - Organizations, SSO, and MFA | /r/selfhosted | 2023-12-06
  • zitadel

    ZITADEL - The best of Auth0 and Keycloak combined. Built for the serverless era.

    Project mention: Show HN: Auth0 OSS alternative Ory Kratos now with passwordless and SMS support | news.ycombinator.com | 2024-02-22
  • Doorkeeper

    Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape.

    Project mention: Best way for user auth with a Rails API? | /r/rails | 2023-04-17

    The doorkeeper gem.

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  • Ockam

    Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications – at massive scale.

    Project mention: Tunnelmole, an ngrok alternative (open source) | news.ycombinator.com | 2024-03-21

    disclosure: I work at Ockam.

    The Portals for Mac app is an example of the type of thing you could build using the open source stack of protocols. The README (linked by parent) links out to all of the relevant parts of the protocol documentation to explain how these work together. The NAT Traversal (https://github.com/build-trust/ockam/blob/develop/examples/a...) part of the README is probably the best explanation of why the free relay you get via Ockam Orchestrator is a useful part of this demo.

    As for why would anyone trust this: The protocols are designed so you absolutely don't have to trust the relay. Trust is pushed out to the edges that you control and so you're not susceptible to a MITM attack if something like a relay is compromised. The protocol design for all of this is open and documented, and was independently audited by (IMO) some of the best in the business, Trail of Bits: https://docs.ockam.io/reference/protocols.

  • Pomerium

    Pomerium is an identity and context-aware reverse proxy for zero-trust access to web applications and services.

    Project mention: OAuth server for authorization | /r/googlecloud | 2023-12-05

    Option 3: Pomerium might be an alternative as well.

  • Ory Oathkeeper

    A cloud native Identity & Access Proxy / API (IAP) and Access Control Decision API that authenticates, authorizes, and mutates incoming HTTP(s) requests. Inspired by the BeyondCorp / Zero Trust white paper. Written in Go.

  • Security-101

    7 Lessons, Kick-start Your Cybersecurity Learning.

    Project mention: Microsoft Security-101: Open-Source curriculum | news.ycombinator.com | 2024-02-29
  • OAuthLib

    A generic, spec-compliant, thorough implementation of the OAuth request-signing logic

  • kanidm

    Kanidm: A simple, secure and fast identity management platform

    Project mention: Identity Management Solutins | /r/openSUSE | 2023-05-25

    Check this: https://github.com/kanidm/kanidm/ Maybe not production ready, but looks very promising

  • infra

    Infra provides authentication and access management to servers and Kubernetes clusters.

    Project mention: Recommendations for a better way to grant access in K8s on a granular level? | /r/kubernetes | 2023-09-05

    Check out https://infrahq.com. I saw the founder give a talk at the Civo conference in Feb.

  • IdentityServer

    The most flexible and standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core

    Project mention: Identity server 4 | /r/dotnet | 2023-12-11

    Its deprecated in favor of Duende Identityserver which introduced a license model.

  • microsoft-authentication-library-for-dotnet

    Microsoft Authentication Library (MSAL) for .NET

  • WeIdentity

    基于区块链的符合W3C DID和Verifiable Credential规范的分布式身份解决方案

  • angular-auth-oidc-client

    npm package for OpenID Connect, OAuth Code Flow with PKCE, Refresh tokens, Implicit Flow

  • IdentityModel

    .NET standard helper library for claims-based identity, OAuth 2.0 and OpenID Connect.

    Project mention: Is it normal for a jwt made with c#/.net to contain these url's? | /r/csharp | 2023-05-11
  • multitor

    Create multiple TOR instances with a load-balancing.

  • OpenID

    OpenID Certified™ OpenID Connect Relying Party implementation for Apache HTTP Server 2.x

    Project mention: Keycloak SSO with Docker Compose and Nginx | news.ycombinator.com | 2024-02-11

    I did something similar, though picked Apache with mod_auth_openidc, which is a certified Relying Party implementation: https://github.com/OpenIDC/mod_auth_openidc

    In other words, I can protect arbitrary applications through my reverse proxy and require either certain claims/roles, or simplify auth to the point where my downstream app/API will just receive a bunch of headers like OIDC_CLAIM_sub, OIDC_CLAIM_name, OIDC_CLAIM_email through the internal network, not making me bother with configuring OIDC libraries for all of my APIs and configure them in each stack that I might use, but rather contain all of that complexity in the web server.

    Basically:

      user <==> Apache (with mod_auth_openidc) <==> API (with OIDC_ headers, if logged in)

  • verida-js

    The Verida SDK provides several SDKs to interact with the Verida Network

  • FreeIPA

    Mirror of FreeIPA, an integrated security information management solution

    Project mention: Non-interactive SSH password authentication | news.ycombinator.com | 2023-12-25
  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2024-03-21.

Identity related posts

Index

What are some of the best open-source Identity projects? This list will help you:

Project Stars
1 awesome-falsehood 22,862
2 casbin 16,727
3 Ory Hydra 14,979
4 Ory Kratos 10,436
5 logto 7,058
6 zitadel 6,634
7 Doorkeeper 5,246
8 Ockam 4,323
9 Pomerium 3,807
10 Ory Oathkeeper 3,149
11 Security-101 2,902
12 OAuthLib 2,734
13 kanidm 1,962
14 infra 1,345
15 IdentityServer 1,302
16 microsoft-authentication-library-for-dotnet 1,298
17 WeIdentity 1,103
18 angular-auth-oidc-client 1,088
19 IdentityModel 996
20 multitor 991
21 OpenID 945
22 verida-js 928
23 FreeIPA 911
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com