{"id":27778814,"url":"https://github.com/authlib/authlib","last_synced_at":"2026-04-19T22:15:50.818Z","repository":{"id":37896804,"uuid":"108510280","full_name":"authlib/authlib","owner":"authlib","description":"The ultimate Python library in building OAuth, OpenID Connect clients and servers. JWS, JWE, JWK, JWA, JWT included.","archived":false,"fork":false,"pushed_at":"2026-02-23T09:05:08.000Z","size":3910,"stargazers_count":5219,"open_issues_count":133,"forks_count":521,"subscribers_count":57,"default_branch":"main","last_synced_at":"2026-02-24T09:18:13.896Z","etag":null,"topics":["django","flask","jose","jwe","jwk","jws","jwt","oauth","oauth2","oauth2-provider","oauth2-server","oidc","openid-connect"],"latest_commit_sha":null,"homepage":"https://authlib.org/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/authlib.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":".github/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":".github/SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":["authlib","lepture"]}},"created_at":"2017-10-27T06:52:26.000Z","updated_at":"2026-02-23T22:51:15.000Z","dependencies_parsed_at":"2024-02-28T02:49:54.296Z","dependency_job_id":"a5134a6e-41ed-4757-948f-b02d6a5a284f","html_url":"https://github.com/authlib/authlib","commit_stats":{"total_commits":1301,"total_committers":125,"mean_commits":10.408,"dds":"0.14604150653343584","last_synced_commit":"fe12a578854fb64c8a3906676ba7d2a2b9579459"},"previous_names":["authlib/authlib"],"tags_count":50,"template":false,"template_full_name":null,"purl":"pkg:github/authlib/authlib","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/authlib%2Fauthlib","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/authlib%2Fauthlib/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/authlib%2Fauthlib/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/authlib%2Fauthlib/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/authlib","download_url":"https://codeload.github.com/authlib/authlib/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/authlib%2Fauthlib/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29976272,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-01T16:35:47.903Z","status":"ssl_error","status_checked_at":"2026-03-01T16:35:44.899Z","response_time":124,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["django","flask","jose","jwe","jwk","jws","jwt","oauth","oauth2","oauth2-provider","oauth2-server","oidc","openid-connect"],"created_at":"2025-04-30T08:10:48.746Z","updated_at":"2026-04-19T22:15:50.800Z","avatar_url":"https://github.com/authlib.png","language":"Python","funding_links":["https://github.com/sponsors/authlib","https://github.com/sponsors/lepture","https://tidelift.com/subscription/pkg/pypi-authlib","https://tidelift.com/subscription/pkg/pypi-authlib?utm_source=pypi-authlib\u0026utm_medium=referral\u0026utm_campaign=links","https://tidelift.com/security"],"categories":["Python","Authorization \u0026 Authentication","Authentication"],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n\n\u003cpicture\u003e\n  \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"docs/_static/dark-logo.svg\" /\u003e\n  \u003cimg alt=\"Authlib\" src=\"docs/_static/light-logo.svg\" height=\"68\" /\u003e\n\u003c/picture\u003e\n\n[![Build Status](https://github.com/authlib/authlib/workflows/tests/badge.svg)](https://github.com/authlib/authlib/actions)\n[![PyPI version](https://img.shields.io/pypi/v/authlib.svg)](https://pypi.org/project/authlib)\n[![conda-forge version](https://img.shields.io/conda/v/conda-forge/authlib.svg?label=conda-forge\u0026colorB=0090ff)](https://anaconda.org/conda-forge/authlib)\n[![PyPI Downloads](https://static.pepy.tech/badge/authlib/month)](https://pepy.tech/projects/authlib)\n[![Code Coverage](https://codecov.io/gh/authlib/authlib/graph/badge.svg?token=OWTdxAIsPI)](https://codecov.io/gh/authlib/authlib)\n[![Maintainability Rating](https://sonarcloud.io/api/project_badges/measure?project=authlib_authlib\u0026metric=sqale_rating)](https://sonarcloud.io/summary/new_code?id=authlib_authlib)\n\n\u003c/div\u003e\n\nThe ultimate Python library in building OAuth and OpenID Connect servers.\nJWS, JWK, JWA, JWT are included.\n\nAuthlib is compatible with Python3.10+.\n\n## Migrations\n\nAuthlib will deprecate `authlib.jose` module, please read:\n\n- [Migrating from `authlib.jose` to `joserfc`](https://jose.authlib.org/en/dev/migrations/authlib/)\n\n## Sponsors\n\n\u003ctable\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003cimg align=\"middle\" width=\"48\" src=\"https://cdn.auth0.com/website/website/favicons/auth0-favicon.svg\"\u003e\u003c/td\u003e\n\u003ctd\u003eIf you want to quickly add secure token-based authentication to Python projects, feel free to check Auth0's Python SDK and free plan at \u003ca href=\"https://auth0.com/overview?utm_source=GHsponsor\u0026utm_medium=GHsponsor\u0026utm_campaign=authlib\u0026utm_content=auth\"\u003eauth0.com/overview\u003c/a\u003e.\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd\u003e\u003cimg align=\"middle\" width=\"48\" src=\"https://typlog.com/assets/icon-white.svg\"\u003e\u003c/td\u003e\n\u003ctd\u003eA blogging and podcast hosting platform with minimal design but powerful features. Host your blog and Podcast with \u003ca href=\"https://typlog.com/\"\u003eTyplog.com\u003c/a\u003e.\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/table\u003e\n\n[**Fund Authlib to access additional features**](https://docs.authlib.org/en/stable/community/funding.html)\n\n## Features\n\nGeneric, spec-compliant implementation to build clients and providers:\n\n- [The OAuth 1.0 Protocol](https://docs.authlib.org/en/stable/basic/oauth1.html)\n  - [RFC5849: The OAuth 1.0 Protocol](https://docs.authlib.org/en/stable/specs/rfc5849.html)\n- [The OAuth 2.0 Authorization Framework](https://docs.authlib.org/en/stable/basic/oauth2.html)\n  - [RFC6749: The OAuth 2.0 Authorization Framework](https://docs.authlib.org/en/stable/specs/rfc6749.html)\n  - [RFC6750: The OAuth 2.0 Authorization Framework: Bearer Token Usage](https://docs.authlib.org/en/stable/specs/rfc6750.html)\n  - [RFC7009: OAuth 2.0 Token Revocation](https://docs.authlib.org/en/stable/specs/rfc7009.html)\n  - [RFC7523: JWT Profile for OAuth 2.0 Client Authentication and Authorization Grants](https://docs.authlib.org/en/stable/specs/rfc7523.html)\n  - [RFC7591: OAuth 2.0 Dynamic Client Registration Protocol](https://docs.authlib.org/en/stable/specs/rfc7591.html)\n  - [RFC7592: OAuth 2.0 Dynamic Client Registration Management Protocol](https://docs.authlib.org/en/stable/specs/rfc7592.html)\n  - [RFC7636: Proof Key for Code Exchange by OAuth Public Clients](https://docs.authlib.org/en/stable/specs/rfc7636.html)\n  - [RFC7662: OAuth 2.0 Token Introspection](https://docs.authlib.org/en/stable/specs/rfc7662.html)\n  - [RFC8414: OAuth 2.0 Authorization Server Metadata](https://docs.authlib.org/en/stable/specs/rfc8414.html)\n  - [RFC8628: OAuth 2.0 Device Authorization Grant](https://docs.authlib.org/en/stable/specs/rfc8628.html)\n  - [RFC9068: JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens](https://docs.authlib.org/en/stable/specs/rfc9068.html)\n  - [RFC9101: The OAuth 2.0 Authorization Framework: JWT-Secured Authorization Request (JAR)](https://docs.authlib.org/en/stable/specs/rfc9101.html)\n  - [RFC9207: OAuth 2.0 Authorization Server Issuer Identification](https://docs.authlib.org/en/stable/specs/rfc9207.html)\n- [Javascript Object Signing and Encryption](https://docs.authlib.org/en/stable/jose/index.html)\n  - [RFC7515: JSON Web Signature](https://docs.authlib.org/en/stable/jose/jws.html)\n  - [RFC7516: JSON Web Encryption](https://docs.authlib.org/en/stable/jose/jwe.html)\n  - [RFC7517: JSON Web Key](https://docs.authlib.org/en/stable/jose/jwk.html)\n  - [RFC7518: JSON Web Algorithms](https://docs.authlib.org/en/stable/specs/rfc7518.html)\n  - [RFC7519: JSON Web Token](https://docs.authlib.org/en/stable/jose/jwt.html)\n  - [RFC7638: JSON Web Key (JWK) Thumbprint](https://docs.authlib.org/en/stable/specs/rfc7638.html)\n  - [ ] RFC7797: JSON Web Signature (JWS) Unencoded Payload Option\n  - [RFC8037: ECDH in JWS and JWE](https://docs.authlib.org/en/stable/specs/rfc8037.html)\n  - [ ] draft-madden-jose-ecdh-1pu-04: Public Key Authenticated Encryption for JOSE: ECDH-1PU\n- [OpenID Connect 1.0](https://docs.authlib.org/en/stable/specs/oidc.html)\n  - [x] OpenID Connect Core 1.0\n  - [x] OpenID Connect Discovery 1.0\n  - [x] OpenID Connect Dynamic Client Registration 1.0\n  - [x] [OpenID Connect RP-Initiated Logout 1.0](https://openid.net/specs/openid-connect-rpinitiated-1_0.html)\n\nConnect third party OAuth providers with Authlib built-in client integrations:\n\n- Requests\n  - [OAuth1Session](https://docs.authlib.org/en/stable/client/requests.html#requests-oauth-1-0)\n  - [OAuth2Session](https://docs.authlib.org/en/stable/client/requests.html#requests-oauth-2-0)\n  - [OpenID Connect](https://docs.authlib.org/en/stable/client/requests.html#requests-openid-connect)\n  - [AssertionSession](https://docs.authlib.org/en/stable/client/requests.html#requests-service-account)\n- HTTPX\n  - [AsyncOAuth1Client](https://docs.authlib.org/en/stable/client/httpx.html#httpx-oauth-1-0)\n  - [AsyncOAuth2Client](https://docs.authlib.org/en/stable/client/httpx.html#httpx-oauth-2-0)\n  - [OpenID Connect](https://docs.authlib.org/en/stable/client/httpx.html#httpx-oauth-2-0)\n  - [AsyncAssertionClient](https://docs.authlib.org/en/stable/client/httpx.html#async-service-account)\n- [Flask OAuth Client](https://docs.authlib.org/en/stable/client/flask.html)\n- [Django OAuth Client](https://docs.authlib.org/en/stable/client/django.html)\n- [Starlette OAuth Client](https://docs.authlib.org/en/stable/client/starlette.html)\n- [FastAPI OAuth Client](https://docs.authlib.org/en/stable/client/fastapi.html)\n\nBuild your own OAuth 1.0, OAuth 2.0, and OpenID Connect providers:\n\n- Flask\n  - [Flask OAuth 1.0 Provider](https://docs.authlib.org/en/stable/flask/1/)\n  - [Flask OAuth 2.0 Provider](https://docs.authlib.org/en/stable/flask/2/)\n  - [Flask OpenID Connect 1.0 Provider](https://docs.authlib.org/en/stable/flask/2/openid-connect.html)\n- Django\n  - [Django OAuth 1.0 Provider](https://docs.authlib.org/en/stable/django/1/)\n  - [Django OAuth 2.0 Provider](https://docs.authlib.org/en/stable/django/2/)\n  - [Django OpenID Connect 1.0 Provider](https://docs.authlib.org/en/stable/django/2/openid-connect.html)\n\n## Useful Links\n\n1. Homepage: \u003chttps://authlib.org/\u003e.\n2. Documentation: \u003chttps://docs.authlib.org/\u003e.\n3. Purchase Commercial License: \u003chttps://authlib.org/plans\u003e.\n4. Blog: \u003chttps://blog.authlib.org/\u003e.\n5. Twitter: \u003chttps://twitter.com/authlib\u003e.\n6. StackOverflow: \u003chttps://stackoverflow.com/questions/tagged/authlib\u003e.\n7. Other Repositories: \u003chttps://github.com/authlib\u003e.\n8. Subscribe Tidelift: [https://tidelift.com/subscription/pkg/pypi-authlib](https://tidelift.com/subscription/pkg/pypi-authlib?utm_source=pypi-authlib\u0026utm_medium=referral\u0026utm_campaign=links).\n\n## Security Reporting\n\nIf you found security bugs, please do not send a public issue or patch.\nYou can send me email at \u003cme@lepture.com\u003e. Attachment with patch is welcome.\nMy PGP Key fingerprint is:\n\n```\n72F8 E895 A70C EBDF 4F2A DFE0 7E55 E3E0 118B 2B4C\n```\n\nOr, you can use the [Tidelift security contact](https://tidelift.com/security).\nTidelift will coordinate the fix and disclosure.\n\n## License\n\nAuthlib offers two licenses:\n\n1. BSD LICENSE\n2. COMMERCIAL-LICENSE\n\nAny project, open or closed source, can use the BSD license.\nIf your company needs commercial support, you can purchase a commercial license at\n[Authlib Plans](https://authlib.org/plans). You can find more information at\n\u003chttps://authlib.org/support\u003e.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fauthlib%2Fauthlib","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fauthlib%2Fauthlib","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fauthlib%2Fauthlib/lists"}