{"id":13483489,"url":"https://github.com/privacyidea/privacyidea","last_synced_at":"2025-05-13T18:12:13.557Z","repository":{"id":17642233,"uuid":"20446681","full_name":"privacyidea/privacyidea","owner":"privacyidea","description":":closed_lock_with_key: multi factor authentication system (2FA, MFA, OTP Server)","archived":false,"fork":false,"pushed_at":"2025-05-05T09:53:55.000Z","size":71879,"stargazers_count":1591,"open_issues_count":209,"forks_count":341,"subscribers_count":62,"default_branch":"master","last_synced_at":"2025-05-05T10:43:07.380Z","etag":null,"topics":["2fa","authentication","ca","certificates","identityserver","idm","mfa","opensource","otp","otp-server","python","two-factor","two-factor-authentication"],"latest_commit_sha":null,"homepage":"http://www.privacyidea.org","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/privacyidea.png","metadata":{"files":{"readme":"README.rst","changelog":"Changelog","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":"AUTHORS.md","dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2014-06-03T14:47:02.000Z","updated_at":"2025-05-05T09:53:47.000Z","dependencies_parsed_at":"2023-10-16T19:21:38.484Z","dependency_job_id":"9b0d282b-762f-4ef2-8a1f-a35a530a57a0","html_url":"https://github.com/privacyidea/privacyidea","commit_stats":{"total_commits":6706,"total_committers":162,"mean_commits":41.39506172839506,"dds":"0.42663286609006856","last_synced_commit":"0c7b799aea705921cb257274a43ee4414e821097"},"previous_names":[],"tags_count":232,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/privacyidea%2Fprivacyidea","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/privacyidea%2Fprivacyidea/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/privacyidea%2Fprivacyidea/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/privacyidea%2Fprivacyidea/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/privacyidea","download_url":"https://codeload.github.com/privacyidea/privacyidea/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254000857,"owners_count":21997442,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["2fa","authentication","ca","certificates","identityserver","idm","mfa","opensource","otp","otp-server","python","two-factor","two-factor-authentication"],"created_at":"2024-07-31T17:01:11.859Z","updated_at":"2025-05-13T18:12:13.485Z","avatar_url":"https://github.com/privacyidea.png","language":"Python","readme":"privacyIDEA\n===========\n\n.. .. image:: https://circleci.com/gh/privacyidea/privacyidea/tree/master.svg?style=shield\u0026circle-token=:circle-token\n..     :alt: CircleCI\n..     :target: https://circleci.com/gh/privacyidea/privacyidea\n\n.. image:: https://codecov.io/gh/privacyidea/privacyidea/coverage.svg?branch=master\n    :target: https://codecov.io/gh/privacyidea/privacyidea?branch=master\n\n.. .. image:: https://img.shields.io/pypi/dm/privacyidea.svg\n..    :alt: Downloads\n..    :target: https://pypi.python.org/pypi/privacyIDEA/\n\n.. image:: https://img.shields.io/pypi/v/privacyidea.svg\n    :alt: Latest Version\n    :target: https://pypi.python.org/pypi/privacyIDEA/#history\n\n.. image:: https://img.shields.io/pypi/pyversions/privacyidea.svg\n    :alt: PyPI - Python Version\n    :target: https://pypi.python.org/pypi/privacyIDEA/\n\n.. image:: https://img.shields.io/github/license/privacyidea/privacyidea.svg\n    :alt: License\n    :target: https://pypi.python.org/pypi/privacyIDEA/\n\n.. image:: https://readthedocs.org/projects/privacyidea/badge/?version=master\n    :alt: Documentation\n    :target: http://privacyidea.readthedocs.org/en/master/\n\n.. .. image:: https://codeclimate.com/github/privacyidea/privacyidea/badges/gpa.svg\n..    :alt: Code Climate\n..    :target: https://codeclimate.com/github/privacyidea/privacyidea\n\n.. .. image:: https://api.codacy.com/project/badge/grade/d58934978e1a4bcca325f2912ea386ff\n    :alt: Codacy Badge\n    :target: https://www.codacy.com/app/cornelius-koelbel/privacyidea\n\n.. image:: https://img.shields.io/twitter/follow/privacyidea.svg?style=social\u0026label=Follow\n    :alt: privacyIDEA on twitter\n\nprivacyIDEA is an open solution for strong two-factor authentication like\nOTP tokens, SMS, smartphones or SSH keys.\nUsing privacyIDEA you can enhance your existing applications like local login\n(PAM, Windows Credential Provider),\nVPN, remote access, SSH connections, access to web sites or web portals with\na second factor during authentication. Thus boosting the security of your\nexisting applications.\n\nOverview\n========\n\nprivacyIDEA runs as an additional service in your network and you can connect different\napplications to privacyIDEA.\n\n.. image:: https://privacyidea.org/wp-content/uploads/2017/privacyIDEA-Integration.png\n    :alt: privacyIDEA Integration\n\nprivacyIDEA does not bind you to any decision of the authentication\nprotocol, nor does it dictate you where your user information should be\nstored. This is achieved by its totally modular architecture.\nprivacyIDEA is not only open as far as its modular architecture is\nconcerned. But privacyIDEA is completely licensed under the AGPLv3.\n\nIt supports a wide variety of authentication devices like OTP tokens\n(HMAC, HOTP, TOTP, OCRA, mOTP), Yubikey (HOTP, TOTP, AES), FIDO U2F, as well\nas FIDO2 WebAuthn devices like Yubikey and Plug-Up, smartphone Apps like Google\nAuthenticator, FreeOTP, Token2  or TiQR, SMS, Email, SSH keys, x509 certificates\nand Registration Codes for easy deployment.\n\nprivacyIDEA is based on Flask and SQLAlchemy as the python backend. The\nweb UI is based on angularJS and bootstrap.\nA MachineToken design lets you assign tokens to machines. Thus you can use\nyour Yubikey to unlock LUKS, assign SSH keys to SSH servers or use Offline OTP\nwith PAM.\n\nYou may join the discourse discussion forum to give feedback, help other users,\ndiscuss questions and ideas:\nhttps://community.privacyidea.org\n\n\nSetup\n=====\n\nFor setting up the system to *run* it, please read install instructions\nat `privacyidea.readthedocs.io \u003chttp://privacyidea.readthedocs.io/en/latest/installation/index\n.html\u003e`_.\n\nIf you want to setup a development environment start like this::\n\n    git clone https://github.com/privacyidea/privacyidea.git\n    cd privacyidea\n    virtualenv venv\n    source venv/bin/activate\n    pip install -r requirements.txt\n\n.. _testing_env:\n\nYou may additionally want to set up your environment for testing, by adding the\nadditional dependencies::\n\n    pip install -r tests/requirements.txt\n\nYou may also want to read the blog post about development and debugging at\nhttps://www.privacyidea.org/privacyidea-development-howto/\n\nGetting and updating submodules\n===============================\n\nThe client-side library for the registering and signing of WebAuthn-Credentials\nresides in a submodule.\n\nTo fetch all submodules for this repository, run::\n\n   git submodule update --init --recursive\n\nWhen pulling changes from upstream later, you can automatically update any outdated\nsubmodules, by running::\n\n   git pull --recurse-submodules\n\nRunning it\n==========\n\nFirst You need to create a `config-file \u003chttps://privacyidea.readthedocs\n.io/en/latest/installation/system/inifile.html\u003e`_.\n\nThen create the database tables and the encryption key::\n\n    ./pi-manage create_tables\n    ./pi-manage create_enckey\n\nIf You want to keep the development database upgradable, You should `stamp\n\u003chttps://privacyidea.readthedocs.io/en/latest/installation/upgrade.html\u003e`_ it\nto simplify updates::\n\n    ./pi-manage db stamp head -d migrations/\n\nCreate the key for the audit log::\n\n    ./pi-manage create_audit_keys\n\nCreate the first administrator::\n\n    ./pi-manage admin add \u003cusername\u003e\n\nRun it::\n\n    ./pi-manage run\n\nNow you can connect to http://localhost:5000 with your browser and login\nas administrator.\n\nRun tests\n=========\n\nIf you have followed the steps above to set up your\n`environment for testing \u003c#testing-env\u003e`__, running the test suite should be as\neasy as running `pytest \u003chttp://pytest.org/\u003e`_ with the following options::\n\n    python -m pytest -v --cov=privacyidea --cov-report=html tests/\n\nContributing\n============\n\nThere are a lot of different ways to contribute to privacyIDEA, even\nif you are not a developer.\n\nIf you found a security vulnerability please report it to\nsecurity@privacyidea.org.\n\nYou can find detailed information about contributing here:\nhttps://github.com/privacyidea/privacyidea/blob/master/CONTRIBUTING.md\n\nCode structure\n==============\n\nThe database models are defined in ``models.py`` and tested in\ntests/test_db_model.py.\n\nBased on the database models there are the libraries ``lib/config.py`` which is\nresponsible for basic configuration in the database table ``config``.\nAnd the library ``lib/resolver.py`` which provides functions for the database\ntable ``resolver``. This is tested in tests/test_lib_resolver.py.\n\nBased on the resolver there is the library ``lib/realm.py`` which provides\nfunctions\nfor the database table ``realm``. Several resolvers are combined into a realm.\n\nBased on the realm there is the library ``lib/user.py`` which provides functions\nfor users. There is no database table user, since users are dynamically read\nfrom the user sources like SQL, LDAP, SCIM or flat files.\n\nSubscriptions and limitations of community edition\n==================================================\n\nUsing privacyIDEA Server and the privacyIDEA FreeRADIUS plugin there is technically no\nlimitation of the community edition or the code in this repository.\nAdmins will receive a welcome message about possible support, if more than 50 users\nare enrolled.\n\nPlugins\n-------\n\nThe privacyIDEA project also provides several plugins for 3rd party applications like SSO Identity Providers\nor Windows Login.\n\nPlugins can be limited in the number of users. I.e. the plugin will complain, if the total number of users\nin privacyIDEA with an active token exceeds a certain limit. There is a certain base number of users, with which\nthe plugin will work. To enhance this number, you will need a subscription. In some cases an additional\ndemo subscription can be found in the release list of the corresponding github plugin repository,\nyou can get a subscription from the company NetKnights\nor if you have a very good understanding of this Open Source code, you could create a subscription on your own.\n\n====================  ==============  ========================\nPlugin                Number of users\n--------------------  ----------------------------------------\nName                  contained       in demo subscription\n====================  ==============  ========================\nKeycloak              10000           N/A\nSimpleSAMLphp         10000           N/A\nShibboleth            10000           N/A\nADFS                  50              50\nprivacyIDEA PAM       10000           N/A\nCredential Provider   50              50\nownCloud              50              N/A\nLDAP proxy            50              N/A\n====================  ==============  ========================\n\nVersioning\n==========\nprivacyIDEA adheres to `Semantic Versioning \u003chttp://semver.org/\u003e`_.\n","funding_links":[],"categories":["Python","\u003ca id=\"tag-dev\" href=\"#tag-dev\"\u003eDev\u003c/a\u003e","[🧑‍💻 dev](https://github.com/stars/ketsapiwiq/lists/dev)"],"sub_categories":["\u003ca id=\"tag-dev.security\" href=\"#tag-dev.security\"\u003eSecurity\u003c/a\u003e"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprivacyidea%2Fprivacyidea","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fprivacyidea%2Fprivacyidea","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprivacyidea%2Fprivacyidea/lists"}