{"id":34196744,"url":"https://github.com/vigiloauth/vigilo","last_synced_at":"2026-03-13T04:33:50.973Z","repository":{"id":262183801,"uuid":"886421132","full_name":"vigiloauth/vigilo","owner":"vigiloauth","description":"OAuth 2.0 \u0026 OIDC Auth Server and Identity Provider","archived":false,"fork":false,"pushed_at":"2025-11-27T06:15:09.000Z","size":2373,"stargazers_count":86,"open_issues_count":51,"forks_count":7,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-12-18T18:55:40.196Z","etag":null,"topics":["auth-server","authentication","authorization","golang","identity-provider","idp","oauth2","oidc","open-source","security"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/vigiloauth.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"docs/contributing/README.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2024-11-10T23:51:36.000Z","updated_at":"2025-12-10T09:21:45.000Z","dependencies_parsed_at":null,"dependency_job_id":"59a9723c-3df9-414f-b099-ee8d1a1d19f3","html_url":"https://github.com/vigiloauth/vigilo","commit_stats":null,"previous_names":["vigiloauth/vigilo"],"tags_count":77,"template":false,"template_full_name":null,"purl":"pkg:github/vigiloauth/vigilo","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vigiloauth%2Fvigilo","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vigiloauth%2Fvigilo/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vigiloauth%2Fvigilo/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vigiloauth%2Fvigilo/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/vigiloauth","download_url":"https://codeload.github.com/vigiloauth/vigilo/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vigiloauth%2Fvigilo/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30458001,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-13T03:55:51.346Z","status":"ssl_error","status_checked_at":"2026-03-13T03:55:33.055Z","response_time":60,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["auth-server","authentication","authorization","golang","identity-provider","idp","oauth2","oidc","open-source","security"],"created_at":"2025-12-15T17:22:10.126Z","updated_at":"2026-03-13T04:33:50.941Z","avatar_url":"https://github.com/vigiloauth.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# VigiloAuth\n\n![Latest Version](https://img.shields.io/github/tag/vigiloauth/vigilo?label=latest%20version)\n![Github Repo Stars](https://img.shields.io/github/stars/vigiloauth/vigilo?style=flat)\n[![Open Source Helpers badge](https://codetriage.com/vigiloauth/vigilo/badges/users.svg)](https://codetriage.com/vigiloauth/vigilo)\n[![Go Report](https://goreportcard.com/badge/github.com/vigiloauth/vigilo)](https://goreportcard.com/report/github.com/vigiloauth/vigilo)\n[![Go Coverage](https://github.com/vigiloauth/vigilo/wiki/coverage.svg)](https://raw.githack.com/wiki/vigiloauth/vigilo/coverage.html)\n[![golangci-lint](https://github.com/vigiloauth/vigilo/actions/workflows/golangci-lint.yml/badge.svg)](https://github.com/vigiloauth/vigilo/actions/workflows/golangci-lint.yml)\n\n---\n\n\u003eπŸ’‘ **VigiloAuth is under active development** and already supports core OAuth2 and OIDC flows, with more on the way!\n\n\u003eβš–οΈ **Apache 2.0 License:**\nThis server is free and open source, developed for community use and OIDF certification.\n\n\u003eπŸ’¬ **Join the Conversation:**\nWe're gathering feedback and ideas in the discussion threads. Come share your thoughts!\n\n\u003e πŸ’» The Admin UI can be found [here](https://github.com/vigiloauth/vigilo-ui)\n\n---\n\n## Table of Contents\n- [VigiloAuth](#vigiloauth)\n\t- [Table of Contents](#table-of-contents)\n\t- [1. Introduction](#1-introduction)\n\t- [2. Features](#2-features)\n\t\t- [2.1. Currently Implemented](#21-currently-implemented)\n\t\t- [2.2. Planned Features](#22-planned-features)\n\t\t- [2.3. Open ID Conformance Tests](#23-open-id-conformance-tests)\n\t- [3. Documentation](#3-documentation)\n\t- [4. Contributing](#4-contributing)\n\t\t- [4.1 How to Contribute](#41-how-to-contribute)\n\t\t- [4.2. Commit Standards](#42-commit-standards)\n\t\t- [4.3. Commit Types](#43-commit-types)\n\t- [6. License](#5-license)\n\n---\n\n## 1. Introduction\n\nVigiloAuth is designed to simplify the implementation of OAuth 2.0 and OpenID Connect (OIDC) authentication servers. Whether you need a full-fledged **authentication server**, an **identity server**, or both, VigiloAuth provides compliant endpoints that you can easily integrate into your application without writing any complex code.\n\nWith VigiloAuth, you can quickly set up secure authentication and identity management solutions for your application, allowing users to authenticate and easily manage their identities. VigiloAuth comes pre-configured with common authentication flows and identity management endpoints, saving you time and effort while making sure that your system complies with industry standards.\n\nWhether you are building a simple app or a complex enterprise system, **VigiloAuth** provides a solid foundation for handling authentication and identity management with minimal effort.\n\n---\n\n## 2. Features\n\n### 2.1. Currently Implemented\n- βœ… **User Registration**\n- βœ… **User Email Verification**\n- βœ… **Basic User Authentication**\n- βœ… **OAuth User Authentication**\n- βœ… **Authorization Code Flow**\n- βœ… **Authorization Code Flow With PKCE**\n- βœ… **Resource Owner Password Credentials Flow**\n- βœ… **Client Credentials Flow**\n- βœ… **Dynamic Client Registration**\n- βœ… **Audit Logging**\n- βœ… **Docker Server Instance**\n- βœ… **Token Refresh**\n- βœ… **Token Introspection**\n- βœ… **Token Revocation**\n- βœ… **OIDC UserInfo Endpoint**\n- βœ… **OIDC Discovery Endpoint**\n- βœ… **OIDC JSON Web Key Set Endpoint**\n- βœ… **In Memory Storage**\n\n### 2.2. Planned Features\n\n- πŸ› οΈ **Realm Support**\n- πŸ› οΈ **Phone Number Verification**\n- πŸ› οΈ **Password Recovery**\n- πŸ› οΈ **User Profile Management**\n- πŸ› οΈ **Role-Based Access Control (RBAC)**\n- πŸ› οΈ **Scope-Based Access Control**\n- πŸ› οΈ **User Consent Management**\n- πŸ› οΈ **Time-Based OTP Authentication**\n- πŸ› οΈ **Backup Recovery Codes**\n- πŸ› οΈ **Implicit Grant Flow**\n- πŸ› οΈ **OIDC Hybrid Flow**\n- πŸ› οΈ **Device Authorization Grant**\n- πŸ› οΈ **Back Channel Authentication Flow**\n- πŸ› οΈ **Social Login Integration Hooks**\n- πŸ› οΈ **Dynamic Database Configuration**\n- πŸ› οΈ **UI for User Authentication**\n\n---\n\n### 2.3. Open ID Conformance Tests\n\nYou can find the list of our currently passing conformance tests [here](https://www.certification.openid.net/plan-detail.html?public=true\u0026plan=ZbxeUWhH8Vldh).\n\n---\n\n## 3. Documentation\n\nComprehensive documentation is available in the [User Guide](./docs/user_guide/README.md).\n- [Configuration Guide](./docs/user_guide/configuration/configuration_guide.md)\n- [API Endpoints](./docs/user_guide/identity/README.md)\n\n---\n\n## 4. Contributing\n\nWe welcome contributions to improve VigiloAuth! Follow the steps below to ensure a smooth contribution process.\n\n\u003e_If you're a first-time contributor, check out our [Good First Issues](https://github.com/vigiloauth/vigilo/issues?q=is%3Aissue%20state%3Aopen%20label%3A%22good%20first%20issue%22)._\n\n### 4.1. Reporting Security Vulnerabilities\n\nIf you have found a security vulnerability, please follow our [instructions](./SECURITY.md) on how to properly report it.\n\n### 4.2. How to Contribute\n\n1. **Fork the Repository**: Create your own fork on GitHub.\n2. **Clone Your Fork**: Clone it to your local development environment.\n3. **Create a Branch**: Create a new branch from `master` (e.g., `feature/my-feature`).\n4. **Make Your Changes**: Implement your changes in alignment with project goals.\n5. **Write Tests**: Add or update tests to cover your changes.\n6. **Commit Your Changes**: Use **Conventional Commits** (see below).\n7. **Push Your Changes**: Push your branch to your GitHub fork.\n8. **Open a Pull Request**: Submit a PR to the main repository and clearly describe your changes.\n\n### 4.3. Commit Standards\n\nWe follow the **_Conventional Commit_** standards to ensure clear and meaningful commit messages. Use the format:\n```azure\n\u003ctype\u003e[optional scope]: \u003cdescription\u003e\n[optional body]\n[optional footer(s)]\n```\n\n### 4.4. Commit Types\n\n- `breaking`: Introduce a breaking change that may require users to modify their code or dependencies.\n- `feat`: Add a new feature that enhances the functionality of the project.\n- `fix`: Apply a bug fix that resolves an issue without affecting functionality.\n- `task`: Add or modify internal functionality that supports the codebase but doesn't introduce a new feature or fix a bug (e.g., utility methods, service logic, or internal improvements).\n- `docs`: Update documentation, such as fixing typos or adding new information.\n- `style`: Changes that don’t affect the code’s behavior, like formatting or code style adjustments.\n- `refactor`: Refactor code without adding features or fixing bugs.\n- `test`: Add or modify tests.\n- `chore`: Miscellaneous changes like updates to build tools or dependencies.\n\nFor more information about contributing, please read our [contribution guide](./docs/contributing/README.md)\n\n---\n\n## 5. Quickstart Example\n\nTo get started with VigiloAuth, follow this minimal example:\n\n**1. Create a `vigilo.yaml` configuration file**\n```yaml\nlog_level: debug\n\nserver_config:\n port: 8080\n session_cookie_name: vigilo-session\n domain: auth.example.com\n force_https: true\n read_timeout: 30\n write_timeout: 30\n```\n\n**2. Create a `.env` file for secrets**\n```yaml\nSMTP_USERNAME=your_smtp_user\nSMTP_FROM_ADDRESS=auth@yourdomain.com\nSMTP_PASSWORD=your_smtp_password\nTOKEN_ISSUER=auth.yourdomain.com\nTOKEN_PRIVATE_KEY=base64_encoded_private_key\nTOKEN_PUBLIC_KEY=base64_encoded_public_key\n```\n\n**3. Create a `docker-compose.yaml` file**\n```yaml\nversion: '3.9'\nservices:\n vigilo-auth:\n image: vigiloauth/server:latest\n container_name: vigilo-auth\n ports:\n - \"8080:8080\"\n volumes:\n - ./vigilo.yaml:/app/vigilo.yaml\n environment:\n VIGILO_CONFIG_PATH: /app/vigilo.yaml\n SMTP_USERNAME: ${SMTP_USERNAME}\n SMTP_FROM_ADDRESS: ${SMTP_FROM_ADDRESS}\n SMTP_PASSWORD: ${SMTP_PASSWORD}\n TOKEN_ISSUER: ${TOKEN_ISSUER}\n TOKEN_PRIVATE_KEY: ${TOKEN_PRIVATE_KEY}\n TOKEN_PUBLIC_KEY: ${TOKEN_PUBLIC_KEY}\n```\n\n**4. Run the server**\n```bash\ndocker-compose up\n```\n\n\u003eFor the full configuration guide and how to include the Admin-UI, refer to the [User Guide](./docs/user_guide/configuration/docker.md)\n\n---\n\n## 6. License\n\nCopyright 2024 Olivier PimparΓ©-Charbonneau\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software distributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and limitations under the License.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvigiloauth%2Fvigilo","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvigiloauth%2Fvigilo","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvigiloauth%2Fvigilo/lists"}