Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/earthodev/eartho
The Open-Source, Privacy-Focused Alternative to Google Sign-In
https://github.com/earthodev/eartho
apple-login apple-sign-in auth authentication authorization eartho facebook-login google-identity google-login google-sign-in google-signin login login-system nextjs nextjs14 payments
Last synced: 4 days ago
JSON representation
The Open-Source, Privacy-Focused Alternative to Google Sign-In
- Host: GitHub
- URL: https://github.com/earthodev/eartho
- Owner: earthodev
- Created: 2022-06-08T07:21:02.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2024-12-06T09:35:51.000Z (21 days ago)
- Last Synced: 2024-12-16T05:29:35.827Z (11 days ago)
- Topics: apple-login, apple-sign-in, auth, authentication, authorization, eartho, facebook-login, google-identity, google-login, google-sign-in, google-signin, login, login-system, nextjs, nextjs14, payments
- Language: TypeScript
- Homepage: https://eartho.io
- Size: 4.71 MB
- Stars: 198
- Watchers: 5
- Forks: 4
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
---
Please note: We take Eartho's security and our users' trust very seriously. If you believe you have found a security issue in Eartho, please responsibly disclose by contacting us at [email protected]
---
The Open-Source,
Privacy-Focused Alternative to Google Sign-In
(In Construction, Join Us)
Eartho is an open-source sign-in alternative for users that prioritizes convenience & user privacy.
It offers a flexible, secure, and privacy-first alternative to traditional login providers like Google Sign-In, Apple, or Facebook.
Eartho ensures that users' personal data stays protected from Big Tech tracking, while developers benefit from a simple, easy-to-integrate solution.
Website
| Open Eartho Account
| Developers Dasboard
| Demo
| Our Discord
| Our Email
🌟 Please give us a star to help us continue and grow! 🌟
Name
Auth0
Clerk
Stack-Auth
Image
Name
Supabase
Firebase
Image
Current Challenges in User Access
Long-Term Data Ownership:
Using major platforms for login often means surrendering control of your data indefinitely. Users want clarity on who owns their data and how it’s stored and managed over time.
Fragmented Digital Identities:
With accounts scattered across platforms like Google, Facebook, LinkedIn, and more, managing logins becomes complex. People need a unified, secure way to access apps without losing track of their identities.
I don’t want to be forced to share my real identity:
Some users prefer to log in with minimal details, without needing to disclose personal information like email, phone number, or full name.
What happens to my accounts when I die?
Many are concerned about the future of their digital identity. They want clear control over how their accounts are managed if they’re no longer around, protecting their digital legacy.
## Roadmap
**Ready and Available** âś…
- **Multi-Provider Authentication**: Log in via Google, Facebook, Apple, GitHub, MetaMask, and more.
- **Zero Tracking**: No data tracking—user information remains private.
- **Two-Factor Authentication (2FA)**: Secure logins with SMS, email, or authenticator apps.
- **Recent Activity Review**: Monitor and review account activity for unauthorized access.
- **Self-Managed Login History**: View, download, or delete login history to monitor and manage account access.
- **Seamless Developer Integration**: Quick setup with minimal code for easy logins.**In Progress** 🚧
- **End-to-End Encryption**: Encrypt user data for enhanced security.
- **Trusted Devices Management**: Manage devices connected to your account.
- **Session Management**: Remotely log out from unrecognized devices.
- **Security Alerts**: Get real-time alerts for suspicious activity.
- **Advanced Antifraud System**: Detect and prevent fraudulent logins.
- **Privacy Checkup**: Review and adjust privacy settings.
- **Data from Connected Apps**: Manage permissions for apps connected to your account.
- **Plan Your Digital Legacy**: Set up account management for when you can no longer access it.
- **Autofill Support**: Autofill passwords and payment info for faster logins.
- **Eartho Pay**: Integrate payments securely alongside authentication.
- **Customizable UI**: Tailor Eartho’s login widget to fit your brand.
- **Biometric Authentication**: Fingerprint and facial recognition for secure access.
- **Anonymous Login**: Protect identities with anonymous access.
- **Advanced Analytics Dashboard**: Gain insights into account activity and data usage.
- **Granular Privacy Controls**: Set specific data permissions for apps.
- **Multi-Account Management**: Easily switch between multiple accounts.
- **Enhanced Offline Access**: Authenticate even without internet connectivity.**Future**
- **Browser Extension**: Autofill, and more.
- **Eartho One Tap**: Users are prompted to create an account with a dialog that's inline with your app's content, so they're never taken out of context by a sign-up screen.
## How It Works
Eartho serves as a privacy-focused layer between users and major authentication providers like Google, Facebook, and others. When users log in using Eartho, they can still choose popular sign-in options such as **Google Sign-In** or **Facebook Login**, but with a critical difference: **Big Tech companies will no longer have access to your users’ login services list**.
By wrapping major sign-in services, Eartho provides the best of both worlds: the convenience of popular authentication providers and the security of true privacy for users, ensuring that no personal data leaks to third-party companies.
## Table of Contents
1. [Features](#features)
2. [Why Eartho?](#why-eartho)
3. [Authentication Methods Supported](#authentication-methods-supported)
4. [Contributing](#contributing)
5. [Community & Support](#community--support)
6. [License](#license)
7. [FAQ](#faq)
## Web App - Features
Feature
Description
Image
Privacy-Focused
Your personal data is yours alone. With Eartho, your information stays private—no tracking, no sharing.
Manage Multiple Identities
Easily link and manage multiple accounts, from social media to crypto wallets, all in one place.
Manage Multiple Spaces Of Services
Build a space for access to your work, build a space for access to your personal life, and build a space for your hidden services and protect them with an extra password
Privacy-Based Access Levels
Allow users to create multiple access levels within their accounts, choosing exactly what each app or platform can access. For instance, users could grant “basic,” “enhanced,” or “restricted” access, tailoring permissions on a granular level.
Digital Identity Vault for Sensitive Information
Create a secure digital vault where users can store sensitive identity documents (e.g., ID scans, certificates) and share them selectively with apps that require identity verification.
Security Checkups
Regularly check your account security and protect yourself from threats across all your linked accounts.
End-to-End Encryption
Your data is fully encrypted, meaning only you can access it—no one else, not even us.
Autofill Support
Save time by letting Eartho autofill your passwords and payment details safely across all your devices.
Built-in Payment System
Pay securely through Eartho’s built-in payment system, keeping your financial details private.
Proactive Security Alerts
Get instant notifications if anything suspicious happens with your account, so you can take action quickly.
Zero Trust Architecture
Eartho treats every action as potentially risky and verifies everything to keep your account secure.
Open Source
Eartho is built with transparency. You can trust how it works because the code is available for anyone to review.
## Why Eartho?
In today’s digital age, privacy is paramount. Most single sign-on (SSO) providers collect data from users and track their online activity. **Eartho** solves this problem by offering a sign-in solution that ensures users’ privacy remains intact.
Developers can integrate Eartho with a few lines of code and provide users with:
- Secure login options
- Control over what data they share and with whom
- A unified account management system with multiple login methods
- Protection from Big Tech tracking and surveillanceEartho is built for developers who care about privacy and security, but don't want to compromise on ease of use.
## **Tech Stack** ⚙️
Account Module:
- Next.js
- NextAuth(Auth.js)
- Oidc-Provider(Panva)MyAccount Module:
- Next.js
- NextAuth(Auth.js) - Use Account Module as providerDevelopers Module:
- Next.js
- NextAuth(Auth.js) - Use Account Module as providerInfra:
- Database: Google Cloud Databases(Should be replaced)
- Cloud: Google Cloud Platform (GCP)## **Developer? Add Eartho to Your App**
Enhance your app’s authentication with Eartho. It provides a **privacy-first login** experience that integrates easily into your existing system. With Eartho, you can offer users the convenience of popular sign-in options like **Google, Facebook, Apple**, and more—without compromising their privacy. We ensure that **Big Tech companies can’t track your users** or use their data against you.
### **Why Add Eartho?**
- **Privacy-First Authentication**: Eartho acts as a layer of protection between your users and Big Tech, preventing data tracking while still allowing users to log in with familiar providers.
- **Multiple Authentication Options**: Give your users the freedom to log in with **Google, Facebook, Apple**, **GitHub**, or even **MetaMask**—while keeping their data private.
- **Easy Integration**: Eartho simplifies the development process for login, sign-up, and profile management pages. With just one line of code, you can integrate Eartho seamlessly into your app.
- **No Migration Needed**: Continue using existing authentication providers without the need to migrate users or disrupt their experience. Eartho enhances privacy while keeping everything intact.
- **Advanced Security Features**: Eartho comes with an **advanced antifraud system**, using on-device machine learning to verify user authenticity and prevent fraud.How to Add Eartho Authentication
Eartho offers two primary methods for integrating secure, privacy-first authentication into your application: via the OIDC Provider or by using the Eartho SDK. Choose the option that best fits your setup and requirements.
Option 1: Using Eartho OIDC Provider
If your application already supports OpenID Connect (OIDC), integrating Eartho as an OIDC provider is a flexible, secure, and standards-compliant choice. This method is highly compatible with popular libraries and frameworks, making it easy to add Eartho to existing setups.
Integration with Popular OIDC Libraries
Using Eartho’s OIDC endpoints, you can seamlessly integrate with many popular libraries and frameworks, including:
-
Auth.js - A versatile library for OAuth and OIDC providers. -
Keycloak - Open-source identity management, supporting SSO with Eartho. -
Auth0 - Universal authentication platform, configurable with Eartho as an OIDC provider. -
Passport.js - Middleware for Node.js supporting custom OIDC strategies like Eartho. -
Okta - Enterprise identity and access management platform with support for custom OIDC providers. -
Firebase Auth - Firebase's authentication service that can be configured to accept tokens from Eartho. -
Clerk - User management and authentication solution, compatible with custom OIDC providers like Eartho. -
SuperTokens - Open-source authentication library that supports integration with custom OIDC providers. -
Supabase - Open-source Firebase alternative with authentication that can be integrated with Eartho’s OIDC for added flexibility. -
StackAuth - A secure authentication solution that supports multiple providers, configurable with Eartho’s OIDC.
Configuration
-
Set the Issuer
Configure Eartho as your OIDC provider by setting the
issuer
andwellKnown
fields. This allows your app to retrieve Eartho’s OIDC configuration.
issuer: "https://account.eartho.io"
wellKnown: "https://account.eartho.io/.well-known/openid-configuration"
-
Redirect URI Setup
Ensure your Eartho application is configured to recognize your app’s redirect URI, where Eartho will return authorization codes or tokens after authentication.
-
Benefits of OIDC Integration
-
Standardized Protocol: Provides a robust, industry-standard authentication approach. -
Enhanced Security: Leveraging Eartho’s secure OIDC flow minimizes unauthorized access. -
Compatibility: Integrates with other OIDC-compatible identity providers and authentication systems.
-
## Authentication Methods Supported
Eartho supports a wide range of authentication methods, allowing users to log in using their preferred provider while ensuring their privacy is maintained. Below are the supported authentication methods that users can choose from:
### **Popular Authentication Providers:**
- **Google**: Log in with your Google account for seamless access.
- **Apple**: Use your Apple ID for secure and private authentication.
- **Facebook**: Sign in through Facebook while keeping your data private from Big Tech.
- **Twitter (X)**: Authenticate with your Twitter (X) account and remain protected.
- **GitHub**: Ideal for developers logging in with their GitHub accounts.
### **Additional Methods:**
- **Email**: Secure login via one-time password (OTP) sent to your email.
- **SMS**: Authenticate using a code sent directly to your phone via SMS.
- **VK**: Support for VK, a popular platform in Eastern Europe and Russia.
- **Reddit**: Login via Reddit for users active on the platform.
- **Yandex**: A secure login option through Yandex.
- **MetaMask**: For crypto enthusiasts, log in using your MetaMask wallet.
How It Works:
Eartho wraps these providers, acting as a privacy layer, which means your login process goes through Eartho. This ensures that while the authentication provider can verify your credentials, they don't gain access to your app activity or personal information—keeping your data safe and secure.
Eartho Architecture
Eartho's system is organized into three main services, each with a unique purpose:
1. Account Service
- Users log in through existing accounts (Google, Facebook, etc.) using OAuth2.
- Eartho then acts as an OIDC provider, offering a unified, privacy-focused login across supported apps without sharing data back to these providers.
2. MyAccount Service
- Allows users to manage their data, privacy settings, and linked accounts.
- Users have control over data storage, can view login history, and adjust privacy preferences.
3. Developer Service
- For developers to register their apps and integrate Eartho as a login option.
- Provides all setup details for easy app integration.
This structure keeps each service focused: Account Service for user login, MyAccount Service for data control, and Developer Service for app integration.
Contributing
We welcome contributions from the open-source community! If you'd like to contribute to Eartho, please follow these steps:
Fork & PR
-
Fork the repository on GitHub. -
Create a new branch for your feature or fix:
git checkout -b feature/your-feature-name
-
Make your changes and commit them with a meaningful message:
git commit -m "Add your feature or fix description"
-
Push to your fork:
git push origin feature/your-feature-name
-
Create a pull request from your branch into the main repository.
We also encourage you to review our
Contributing Guide before submitting a pull request.
Contributions can range from code improvements, documentation updates, or even bug reports. Every contribution helps make Eartho better for everyone!
Installation
Instructions Per Package
Configuration
Instructions Per Package
Community & Support
Join our vibrant community of developers and privacy advocates who are helping to shape the future of Eartho! Here’s how you can get involved:
-
Discord: Join our Discord community for real-time discussions, support, and collaboration with other developers. -
GitHub Discussions: Start or join a conversation in our GitHub Discussions to get help or suggest new features. -
Our Website: Follow us on Eartho for updates, news, and announcements.
License
Each package is licensed individually.
Server components are licensed under the AGPLv3, while client libraries and examples are provided under custom license license.
For detailed information, please refer to the LICENSE files in each package.
Portions of this code are derived from projects licensed with MIT(Check LICENSE file to see the full license).
Here are the copyrights and the license type:
- MIT License, Copyright (c) 2018 Auth0, Inc. (http://auth0.com)
- MIT License, Copyright (c) 2020-present Cryptr
- MIT License, Copyright (c) 2020 Ville de Montréal
- ISC License, Copyright (c) 2022-2024, Balázs Orbán (Auth.js)
- MIT License, Copyright (c) 2018 Filip Skokan - Jose
- MIT License, Copyright (c) 2015 Filip Skokan https://github.com/panva/node-oidc-provider/blob/main/LICENSE.md
Frequently Asked Questions (FAQ)
Why should I trust you?
We're committed to being as transparent as possible. We use well-established, widely adopted open-source libraries that have been trusted by millions of developers. Our team has years of experience in the industry, and we’re dedicated to building a platform that puts users' privacy and security first.
We understand this is a new project, and we’re constantly improving. Our code is open for anyone to review, contribute to, or suggest improvements. While it’s early days for Eartho, our goal is to continually evolve and provide a safe, privacy-first solution for managing digital access.
Disclaimer: As this is a growing project, we’re always open to feedback and making things better over time.
Who is behind Eartho?
Hey! I'm Dvir Daniel, the creator of Eartho. I've been working in the IT industry for almost 10 years as a software engineer. Eartho started as my personal project with the goal to offer a privacy-first, open-source alternative to Google Sign-In. Right now, it's just me and a few friends helping out here and there. It's still early days for the project, but we’re improving it step by step and being as transparent as possible. Excited to have you join us on this journey!
How is Eartho different from other authentication services like Auth0 or Keycloak?
Eartho is designed with the user in mind, and not for developers, offering features like multiple identities, privacy-first payments, and the ability to plan your digital legacy. Unlike developer-focused tools, Eartho provides users with control over their access and personal data.
Developers add us as sign in option to their existing solution and they can can manage their users in Keycloak if they want. we are like Google/Facebook/Apple sign in
Why should I trust Eartho with my data over Big Tech like Google/Facebook/Apple ?
Big Tech may collect data as part of their larger ecosystem, but for Eartho, access and privacy are our mission. While for them it's just another piece of the puzzle, for us, it’s the focus. We’re committed to being more convenient and advanced when it comes to managing access, giving you full control over your data and logins. Being open-source means transparency, and with Eartho, you always know where your information is and how it's used.