{"id":28489976,"url":"https://github.com/makinacorpus/django_pyoidc","last_synced_at":"2026-01-16T10:56:14.482Z","repository":{"id":158247572,"uuid":"633935322","full_name":"makinacorpus/django_pyoidc","owner":"makinacorpus","description":"Authenticate users in your django application using OpenID Connect (OIDC)","archived":false,"fork":false,"pushed_at":"2026-01-13T15:27:41.000Z","size":1382,"stargazers_count":11,"open_issues_count":12,"forks_count":10,"subscribers_count":2,"default_branch":"main","last_synced_at":"2026-01-13T18:16:13.316Z","etag":null,"topics":["django","django-rest-framework","keycloak","keycloak-client","oidc","oidc-client","openid-connect","single-sign-on","sso"],"latest_commit_sha":null,"homepage":"https://django-pyoidc.readthedocs.io/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"lgpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/makinacorpus.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGES.md","contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":null,"patreon":null,"open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"lfx_crowdfunding":null,"polar":null,"buy_me_a_coffee":null,"thanks_dev":null,"custom":["https://makina-corpus.com/"]}},"created_at":"2023-04-28T16:08:57.000Z","updated_at":"2026-01-13T15:27:56.000Z","dependencies_parsed_at":"2024-05-21T10:45:33.613Z","dependency_job_id":"d3c67b5c-572e-48f6-87fc-04bc6906aa29","html_url":"https://github.com/makinacorpus/django_pyoidc","commit_stats":null,"previous_names":["makinacorpus/django_pyoidc"],"tags_count":27,"template":false,"template_full_name":null,"purl":"pkg:github/makinacorpus/django_pyoidc","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/makinacorpus%2Fdjango_pyoidc","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/makinacorpus%2Fdjango_pyoidc/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/makinacorpus%2Fdjango_pyoidc/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/makinacorpus%2Fdjango_pyoidc/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/makinacorpus","download_url":"https://codeload.github.com/makinacorpus/django_pyoidc/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/makinacorpus%2Fdjango_pyoidc/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28478096,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-16T06:30:42.265Z","status":"ssl_error","status_checked_at":"2026-01-16T06:30:16.248Z","response_time":107,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["django","django-rest-framework","keycloak","keycloak-client","oidc","oidc-client","openid-connect","single-sign-on","sso"],"created_at":"2025-06-08T07:07:05.895Z","updated_at":"2026-01-16T10:56:14.477Z","avatar_url":"https://github.com/makinacorpus.png","language":"Python","funding_links":["https://makina-corpus.com/"],"categories":[],"sub_categories":[],"readme":"# django-pyoidc\n\n\n\u003cp align=\"center\"\u003e\n\u003ca href=\"https://django-pyoidc.readthedocs.io\"\u003e\n        \u003cimg src=\"https://readthedocs.org/projects/django-pyoidc/badge/?version=stable\u0026style=plastic\"/\u003e\n\u003c/a\u003e\n\u003ca href=\"https://pypi.org/project/django-pyoidc/\"\u003e\n  \u003cimg src=\"https://img.shields.io/pypi/v/django_pyoidc.svg\"/\u003e      \n\u003c/a\u003e\n\u003ca href=\"https://pypi.org/project/django-pyoidc/\"\u003e\n  \u003cimg src=\"https://img.shields.io/pypi/pyversions/django_pyoidc\"/\u003e      \n\u003c/a\u003e\n\u003ca href=\"https://pypi.org/project/django-pyoidc/\"\u003e\n  \u003cimg src=\"[https://img.shields.io/pypi/pyversions/django_pyoidc](https://img.shields.io/pypi/frameworkversions/django/django_pyoidc)\"/\u003e      \n\u003c/a\u003e\n\u003c/p\u003e\n\nThis library allows *Single Sign On* (SSO) integration into Django through the [Open ID Connect (OIDC)]() protocol.\n\nIt can be used to set up a Single Sign On using an identity provider (Keycloak, etc.) or to login using Google, Twitter, etc.\n\n**Warning**: this library has not been audited. However, we are based on [pyoidc](https://github.com/CZ-NIC/pyoidc/) which we believe is a sane OIDC implementation.\n\nWe tried to make OpenID Connect (OIDC) configuration as easy and secure as possible. However \neverything can be customized, and we tried to take into account every use case in the library design.\nIf you are not satisfied with the default configuration, take a look at the cookbook or the setting reference.\n\n## Features\n\n- Easy configuration through premade `Provider` classes (see the list [here](https://django-pyoidc.readthedocs.io/latest/reference.html#providers))\n- Authenticate users from multiple providers\n- Bearer authentication support for [django-rest-framework](https://www.django-rest-framework.org/) integration (**single provider**)\n  - [drf-spectacular](https://drf-spectacular.readthedocs.io/en/latest/customization.html) : your swagger page will allow to connect to your OIDC provider\n- Easy integration with the [Django permission system](https://django-pyoidc.readthedocs.io/latest/how-to.html#use-the-django-permission-system-with-oidc)\n- Highly customizable design that should suit most needs\n- Support back-channel logout\n- Support service accounts (accounts for machine-to-machine authentication)\n- Sane and secure defaults settings\n\n## Roadmap\n\n- Frontchannel logout\n- Switch to django signal system login/logout hooks\n- Allow for audience check without customizing `get_user` using a setting\n\n## Acknowledgement\n\nThis library is built on the work of many others. First of all, thanks to all the maintainers of [pyoidc](https://github.com/CZ-NIC/pyoidc/) as they did all the spec implementation. This library is mostly about glue between Django and *pyoidc*.\n\nWe were also heavily inspired by:\n\n* [`mozilla-django-oidc`](https://github.com/mozilla/mozilla-django-oidc) for its login redirection URI management\n* [`django-auth-oidc`](https://gitlab.com/aiakos/django-auth-oidc) for its hook system\n\nIf you want to understand why we decided to implement our own library, this is documented [here](https://django-pyoidc.readthedocs.io/latest/explanation.html).\n\n## Documentation\n\nThe documentation is graciously hosted at [readthedocs](https://django-pyoidc.readthedocs.io).\n\n## Installation\n\nFirst, install the python package:\n\n```bash\npip install django_pyoidc\n```\n\nThen add the library app to your django applications, after `django.contrib.sessions` and `django.contrib.auth`:\n\n```python\nINSTALLED_APPS = [\n    \"django.contrib.auth\",\n    \"django.contrib.sessions\",\n    ...\n    \"django-pyoidc\"\n]\n```\n\nRemember to add the session middleware! Add in your `settings.py`:\n\n```python\nMIDDLEWARE = [\n    \"django.contrib.sessions.middleware.SessionMiddleware\",\n]\n```\n\nNow is the time to run a migrate operation, as we create a database table ([read why here](https://django-pyoidc.readthedocs.io/latest/explanation.html#about-caching)). Run in your project dir:\n\n```\n./manage.py migrate\n```\n\nWe also need a cache ([read why here](https://django-pyoidc.readthedocs.io/latest/explanation.html#about-caching)), so let's configure a dumb one for development purposes. Add in your `settings.py`:\n\n```python\nCACHES = {\n    \"default\": {\n        \"BACKEND\": \"django.core.cache.backends.locmem.LocMemCache\",\n        \"LOCATION\": \"unique-snowflake\",\n    }\n}\n```\n\nNow you can pick an identity provider from the [available providers](https://django-pyoidc.readthedocs.io/latest/reference.html#providers). Provider classes are a quick way to generate the library configuration and URLs. You can also configure the settings manually, but this is not recommended if you are not familiar with the OpendID Connect (OIDC) protocol.\n\nAdd the following `DJANGO_PYOIDC` to your `settings.py`:\n\n```python\n# settings\nDJANGO_PYOIDC = {\n    # This is the name that your identity provider will have within the library\n    \"sso\": {\n        # change the following line to use your provider\n        \"provider_class\": \"django_pyoidc.providers.keycloak_18.Keycloak18Provider\",\n        \n        # your secret should not be stored in settings.py, load them from an env variable\n        \"client_secret\": os.getenv(\"SSO_CLIENT_SECRET\"),\n        \"client_id\": os.getenv(\"SSO_CLIENT_ID\"),\n        \n        \"provider_discovery_uri\": \"https://keycloak.example.com/auth/realms/fixme\",\n        \n        # This setting allow the library to cache the provider configuration auto-detected using\n        # the `provider_discovery_uri` setting\n        \"oidc_cache_provider_metadata\": True,\n    }\n```\n\nFinally, add OIDC views to your url configuration (`urls.py`):\n\n```python\nfrom django_pyoidc.helper import OIDCHelper\n\n# `op_name` must be the name of your identity provider as used in the `DJANGO_PYOIDC` setting\noidc_helper = OIDCHelper(op_name=\"sso\")\n\nurlpatterns = [\n    path(\n        \"auth/\",\n        include((oidc_helper.get_urlpatterns(), \"django_pyoidc\"), namespace=\"auth\"),\n    ),\n]\n```\n\nAnd you are ready to go!\n\nIf you struggle with those instructions, take a look at [the quickstart tutorial](https://django-pyoidc.readthedocs.io/latest/tutorial.html).\n\n## Usage/Examples\n\nWe wrote an extensive collection of 'how-to' guides in the [documentation](https://django-pyoidc.readthedocs.io/latest/index.html).\n\n## Appendix\n\n- [Development instructions](./DEVELOPMENT.md)\n\n## Commercial support\n\nThis project is sponsored by Makina Corpus. If you require assistance on your project(s), please contact us: contact@makina-corpus.com\n\n## Report a security vulnerability\n\n## License\n\n[GPL](./LICENSE)\n\n\n## Authors\n\n- [@gbip](https://www.github.com/gbip)\n- [@regilero](https://github.com/regilero)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmakinacorpus%2Fdjango_pyoidc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmakinacorpus%2Fdjango_pyoidc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmakinacorpus%2Fdjango_pyoidc/lists"}