{"id":13469640,"url":"https://github.com/curveball/a12n-server","last_synced_at":"2025-04-10T06:15:00.410Z","repository":{"id":39580260,"uuid":"147352393","full_name":"curveball/a12n-server","owner":"curveball","description":"An open source lightweight OAuth2 server","archived":false,"fork":false,"pushed_at":"2025-03-27T01:24:17.000Z","size":5839,"stargazers_count":476,"open_issues_count":38,"forks_count":54,"subscribers_count":16,"default_branch":"main","last_synced_at":"2025-04-03T03:37:12.619Z","etag":null,"topics":["2fa","authentication","hacktoberfest","javascript","mfa","oauth2","pkce","totp","typescript","webauthn"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/curveball.png","metadata":{"files":{"readme":"README.md","changelog":"changelog.md","contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":".github/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-09-04T13:40:56.000Z","updated_at":"2025-03-30T05:24:49.000Z","dependencies_parsed_at":"2024-01-07T10:51:27.507Z","dependency_job_id":"e7435032-a492-4cc6-87e8-6168f8733ec0","html_url":"https://github.com/curveball/a12n-server","commit_stats":{"total_commits":1053,"total_committers":26,"mean_commits":40.5,"dds":0.3884140550807218,"last_synced_commit":"109794235ba4fa43089e3cc5db1ba7e12c1cafa8"},"previous_names":["evert/auth-api"],"tags_count":112,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curveball%2Fa12n-server","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curveball%2Fa12n-server/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curveball%2Fa12n-server/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curveball%2Fa12n-server/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/curveball","download_url":"https://codeload.github.com/curveball/a12n-server/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247182389,"owners_count":20897381,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["2fa","authentication","hacktoberfest","javascript","mfa","oauth2","pkce","totp","typescript","webauthn"],"created_at":"2024-07-31T15:01:48.228Z","updated_at":"2025-04-10T06:15:00.389Z","avatar_url":"https://github.com/curveball.png","language":"TypeScript","funding_links":[],"categories":["TypeScript","OAuth2 \u0026 OpenID"],"sub_categories":["Other tools"],"readme":"`@curveball/a12n-server`: A simple authentication server\n==================\n\n*a12n* is short for \"authentication\".\n\n`a12n-server` is a simple authentication server that implements the OAuth2 and OpenID Connect standards.\nIt's goals is to create a fast, lightweight server that can be quickly deployed on both dev machines and\nin production.\n\n![a12n-server home screenshot](https://raw.githubusercontent.com/curveball/a12n-server/master/docs/screenshot-0.27.png)\n\nRequirements\n------------\n\n* Node.js \u003e 18.x\n* MySQL, Postgres or Sqlite\n\nTry it out!\n-----------\n\nGet a test server by running:\n\n```sh\nmkdir a12n-server \u0026\u0026 cd a12n-server\nnpx @curveball/a12n-server\n```\n\nThis will automatically create a configuration file and sqlite database in the\ncurrent directory.\n\nThen, just open [http://localhost:8531/](http://localhost:8531/) to create your admin account. \nSee [Getting started](/docs/getting-started.md) for more ways to run the server.\n\n### Contributing or just curious about the code?\n\n[Run from source](/docs/getting-started.md#running-from-source-locally) or run the codebase [with Docker](/docs/getting-started.md#running-with-docker-compose)\n\n🍭 Features\n-----------\n\nThis project has been used in production since 2018 and continues to be actively maintained. \n\nInstead of rolling your own authentication system, you get *A LOT* of features for free 🪄:\n\n| Supported Features | Details |\n|---------|-------------|\n| User Management | • Create, update, delete and list users with our [User API](/docs/user-api.md)\u003cbr\u003e• Password reset/recovery flow |\n| Authentication Methods | • Username/password login\u003cbr\u003e• Multi-factor authentication (MFA): \u003cbr\u003e• TOTP (Time-based One-Time Passcodes with Google Authenticator)\u003cbr\u003e• Email one-time codes\u003cbr\u003e• WebAuthN hardware keys |\n| Authorization | • Role-based access control (RBAC)\u003cbr\u003e• Groups and permissions management\u003cbr\u003e• Fine-grained access policies |\n| OAuth2 Support | • Multiple grant types (Authorization code, client credentials, etc)\u003cbr\u003e• Token introspection and revocation\u003cbr\u003e• PKCE for enhanced security\u003cbr\u003e• JWT access tokens (RFC 9068) |\n| OpenID Connect | • Standard OIDC configuration endpoints\u003cbr\u003e• Discovery document\u003cbr\u003e• JSON Web Key Sets (JWKS)\u003cbr\u003e• Multiple response types |\n| Developer Experience | • Browser-based admin UI\u003cbr\u003e• Browsable REST API with HTML and JSON responses \u003cbr\u003e• Signup and login views included\n\n\nThe server supports OAuth2 and OpenID Connect, with support for the following features and standards:\n\n* Authorization code, client credentials, password and implicit grants.\n* [OAuth2 discovery document][1] and OpenID Connect configuration endpoint.\n* [OAuth 2 Token Introspection][2].\n* [Proof Key for Code Exchange (PKCE)][3].\n* [JSON Web Key Sets][4].\n* [OAuth2 Token Revocation][5]\n* [RFC 9068][7] - JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens.\n* [OAuth 2.0 Multiple Response Type Encoding Practices](https://openid.net/specs/oauth-v2-multiple-response-types-1_0.html)\n\n\n📂 Documentation\n-------------\n- 🚀 [Getting started](/docs/getting-started.md)\n- 🛠️ [Configure the server](/docs/server-settings.md)\n- 🔗 [Integrate with a browser client](/docs/integration.md)\n- 🔍 [Manage users with our APIs](/docs/user-api.md)\n- 📝 [Contribution Guidelines](/.github/CONTRIBUTING.md)\n- 📰 [Code of Conduct](/.github/CODE_OF_CONDUCT.md)\n\n\n[1]: https://tools.ietf.org/html/rfc8414 \"OAuth 2.0 Authorization Server Metadata\"\n[2]: https://tools.ietf.org/html/rfc7662 \"OAuth 2 Token Introspection\"\n[3]: https://tools.ietf.org/html/rfc7636 \"Proof Key for Code Exchange by OAuth Public Clients\"\n[4]: https://auth0.com/docs/secure/tokens/json-web-tokens/json-web-key-sets\n[5]: https://datatracker.ietf.org/doc/html/rfc7009\n[6]: https://datatracker.ietf.org/doc/html/rfc8959\n[7]: https://www.rfc-editor.org/rfc/rfc9068 \"JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens\"\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurveball%2Fa12n-server","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcurveball%2Fa12n-server","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurveball%2Fa12n-server/lists"}