Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

awesome-auth

📊 Software and Libraries for Authentication & Authorization & SSO & IAM
https://github.com/casbin/awesome-auth

Last synced: about 21 hours ago
JSON representation

  • SSO (Single-Sign-On), IAM (Identity Access Management)

    • Keycloak - Open Source Identity and Access Management.
    • Authelia - The Single Sign-On Multi-Factor portal for web apps.

  • Authorization

    • <a name="authZ-golang"></a>Golang

      • Topaz - Fine-grained authorization for cloud-native applications. Combining the best of OPA and Zanzibar
      • Casbin - Authorization library that supports access control models like ACL, RBAC, ABAC in Golang.
      • goRBAC - Lightweight role-based access control implementation in Go.
      • Ladon - SDK for access control policies: authorization for the microservice and IoT age.
      • Foulkon - Authorization server that allows or denies access to web resources.
      • Gocialite - Social OAuth login in Go with multiple providers has never been so easy.
      • Ory Keto - Access control server capable of solving complex use cases (multi-tenant, attribute-based access control, etc.) with access control policies.
      • OIDC - OpenID Connect Library (client and server) for Go
      • SpiceDB - Open-source implementation of the Zanzibar paper, a performant database for fine-grained permissions.
      • ZITADEL - Cloud-native Identity & Access Management platform for secure authentication, authorization and identity management.

    • <a name="authZ-ios"></a>iOS

      • Permission - Unified API to ask for permissions on iOS.
      • Authgear SDK for iOS - With Authgear SDK for iOS, you can easily integrate authorization features into your iOS apps.

    • <a name="authZ-node"></a>Node.js

      • pundit-ts - Fully type-safe authorization library inspired by awesome [pundit](https://github.com/varvet/pundit) gem. Can be used for RBAC, ABAC access control models or any other model you wish.
      • Node-Casbin - Authorization library that supports access control models like ACL, RBAC, ABAC in Node.js.
      • ABAC - Attribute-based access control for Node.js.
      • accesscontrol - Role and attribute-based access control for Node.js.
      • RBAC - Hierarchical role-based access control for Node.js.

    • <a name="authZ-android"></a>Android

      • AndPermission - Android runtime permission, support the right to apply for permission at any place.
      • Authgear SDK for Android - Android SDK to authenticate and authorize users based on the OAuth 2.0 authorization framework.

    • <a name="authZ-cSharp"></a>C#

      • Casbin.NET - Authorization library that supports access control models like ACL, RBAC, ABAC in .NET (C#).
      • DotNetOpenAuth - Implementation of the OpenID, OAuth protocols.
      • AuthorizationServer - Sample implementation of an OAuth2 authorization server.

    • <a name="authZ-php"></a>PHP

      • PHP-RBAC - Authorization library for PHP which provides developers with NIST Level 2 hierarchical role-based access control.
      • ezRbac - Simple yet easy to implement role-based access control library for popular PHP framework: [Codeigniter](https://github.com/bcit-ci/CodeIgniter).
      • PHP-Casbin - Authorization library that supports access control models like ACL, RBAC, ABAC in PHP.
      • php-abac - Attribute-based access control library.
      • laravel-permission - Allows you to manage user permissions and roles in a database.
      • logical-permissions-php - This is a generic library that provides support for array-based permissions with logic gates such as AND and OR.
      • symfony-logical-authorization-bundle - This Symfony bundle provides a unifying solution for authorization that aims to be flexible, convenient and consistent.

    • <a name="authZ-rust"></a>Rust

      • Casbin-Rs - Authorization library that supports access control models like ACL, RBAC, ABAC in Rust.

    • <a name="authZ-java"></a>Java

      • jCasbin - Authorization library that supports access control models like ACL, RBAC, ABAC in Java.
      • AT&T XACML - XACML 3.0 implementation from AT&T.
      • Apache Sentry - Highly modular system for providing fine grained role based authorization to both data and metadata stored on an Apache Hadoop cluster.
      • TOTP Server-Side Library - TOTP server-side library.
      • Apache Shiro - Powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.
      • pac4j - Security engine for Java (authentication, authorization, multi-frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT.

    • <a name="authZ-python"></a>Python

      • PyCasbin - Authorization library that supports access control models like ACL, RBAC, ABAC in Python.
      • Simple RBAC - Simple role-based access control utility for Python.
      • Flask-RBAC - Adds RBAC support to [Flask](https://github.com/pallets/flask).
      • Vakt - Attribute-based access control (ABAC) SDK for Python.

    • <a name="authZ-ruby"></a>Ruby

      • Pundit - Minimal authorization through OO design and pure Ruby classes.
      • Casbin - Authorization library that supports access control models like ACL, RBAC, ABAC in Ruby.
      • CanCanCan - Authorization for Ruby on Rails.
      • Oso - Batteries-included framework for building authorization in your Ruby application.

  • Articles

  • Authentication

    • <a name="authN-cSharp"></a>C#

      • Kentor Authentication Services - Saml2 authentication services for ASP.NET.
      • Xamarin.Auth - Helps developers authenticate users via standard authentication mechanisms (e.g. OAuth 1.0 and 2.0), and store user credentials.
      • SimpleAuthentication - ASP.NET library that makes it really easy and simple for developers to add social authentication to an ASP.NET application.
      • OwinOAuthProviders - OAuth providers for Owin.
      • AspNetSaml - SAML library for ASP.NET Core
      • AspNet.Security.OAuth.Providers - OAuth2 social authentication providers for ASP.NET Core.
      • IdentityServer4 - OpenID Connect & OAuth 2.0 framework for ASP.NET Core.
      • Authgear SDK for Xamarin - You can easily integrate authentication features into your Xamarin apps. In most cases, it involves just a few lines of code to enable multiple authentication methods.
      • IdentityServer4 - OpenID Connect & OAuth 2.0 framework for ASP.NET Core.

    • <a name="authN-java"></a>Java

    • <a name="authN-golang"></a>Golang

      • Ory Hydra - OpenID Connect certified OAuth2 server.
      • Ory Kratos - API-first Identity and User Management system built for cloud applications.
      • Ory Oathkeeper - Identity/Access proxy inspired by the BeyondCorp/Zero-Trust white paper.
      • Ory Fosite - Extensible OAuth 2.0 and OpenID Connect SDK for Golang.
      • Casdoor - UI-first centralized authentication / Single-Sign-On (SSO) platform supporting OAuth 2.0 / OIDC and SAML.
      • ZITADEL - Cloud-native Identity & Access Management platform for secure authentication, authorization and identity management.

    • <a name="authN-node"></a>Node.js

      • Passport - Simple, unobtrusive authentication for Node.js. A comprehensive set of strategies support authentication using a username and password, Facebook, Twitter, and more.
      • bell - Third-party authentication plugin for hapi. Ships with built-in support for various well-known sites and simple configuration object will support other OAuth 1.0a and OAuth 2.0 sites.

    • <a name="authN-python"></a>Python

      • Keystone - Provides authentication, authorization and service discovery mechanisms via HTTP primarily for use by projects in the OpenStack family.
      • Authomatic - Simple yet powerful authorization & authentication client library for Python web applications.
      • Python Social Auth - Easy to setup social authentication/registration mechanism with support for several frameworks and auth providers.
      • Raider - Web authentication testing framework, which treats the authentication process as finite state machines.

    • <a name="authN-ruby"></a>Ruby

      • Authlogic - Clean, simple, and unobtrusive Ruby authentication solution.

    • <a name="authN-flutter"></a>Flutter

      • Authgear SDK for Flutter - With Authgear SDK for Flutter, you can easily integrate authentication features into your Flutter apps. In most cases, it involves just a few lines of code to enable multiple authentication methods.
Programming Languages
Go 15 C# 10 Java 8 Python 8 PHP 7 Ruby 4 JavaScript 4 TypeScript 3 Rust 2 Swift 2
Categories
Authorization 44 Authentication 25 Articles 9 SSO (Single-Sign-On), IAM (Identity Access Management) 2
Sub Categories
<a name="authZ-ruby"></a>Ruby 13 <a name="authZ-golang"></a>Golang 10 <a name="authN-cSharp"></a>C# 9 <a name="authZ-php"></a>PHP 7 <a name="authZ-java"></a>Java 6 <a name="authN-golang"></a>Golang 6 <a name="authZ-node"></a>Node.js 5 <a name="authZ-python"></a>Python 4 <a name="authN-python"></a>Python 4 <a name="authZ-cSharp"></a>C# 3 <a name="authN-java"></a>Java 2 <a name="authZ-android"></a>Android 2 <a name="authZ-ios"></a>iOS 2 <a name="authN-node"></a>Node.js 2 <a name="authZ-rust"></a>Rust 1 <a name="authN-ruby"></a>Ruby 1 <a name="authN-flutter"></a>Flutter 1
Keywords
authorization 22 authentication 13 rbac 13 oauth2 11 security 11 auth 11 abac 11 acl 10 access-control 10 permission 10 openid-connect 9 oauth 8 casbin 7 authz 7 permissions 6 python 6 oidc 6 saml 6 sso 6 golang 6 java 5 sdk 5 identity 4 dotnet 4 nodejs 4 go 4 android 3 jwt 3 openid 3 ios 3 login 3 library 3 mfa 3 ldap 3 php 3 server 3 scim 2 aspnetcore 2 single-sign-on 2 shiro 2 javascript 2 ruby 2 oauth-provider 2 user 2 roles 2 webauthn 2 rust 2 totp 2 authn 2 cas 2