Identity infrastructure, simplified for you.

• ZITADEL @ GitHub.

Authentication for the Web.

Auth.js is a complete open-source authentication solution for web applications.

• Auth.js @ GitHub.
• NextAuth.js.
• Secure Next.js Applications with Role-Based Authentication Using NextAuth @ freeCodeCamp.

Identity, Policy, Audit.

Manage Linux users and client hosts in your realm from one central location with CLI, Web UI or RPC access. Enable Single Sign On authentication for all your systems, services and applications.

The Dogtag Certificate System is an enterprise-class open source Certificate Authority (CA). It is a full-featured system, and has been hardened by real-world deployments. It supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management, and much more. The Dogtag Certificate System can be downloaded for free and set up in less than an hour.

FreeIPA is an integrated security information management solution combining Linux (Fedora), 389 Directory Server, MIT Kerberos, NTP, DNS, Dogtag (Certificate System). It consists of a web interface and command-line administration tools.

FreeIPA is an integrated Identity and Authentication solution for Linux/UNIX networked environments. A FreeIPA server provides centralized authentication, authorization and account information by storing data about user, groups, hosts and other objects necessary to manage the security aspects of a network of computers.

Simple & secure two-factor authentication via mobile & desktop app that's free to users. Authy's 2FA API is by Twilio.

Minimal forward authentication service that provides Google/OpenID oauth based login and authentication for the traefik reverse proxy.

A minimal forward authentication service that provides OAuth/SSO login and authentication for the traefik reverse proxy/load balancer.

A better alternative for securing our sensitive information online.

Keycloak is an Open Source Identity and Access Management solution for modern Applications and Services.

Lucia is a simple yet flexible user and session management library that provides an abstraction layer between your app and your database. It's bare-bones by design, keeping everything easy to use and understand, and ensures type-safetly so you can use it confidently.

The Burp extension helps you to find authorization bugs. Just navigate through the web application with a high privileged user and let the Auth Analyzer repeat your requests for any defined non-privileged user. With the possibility to define Parameters the Auth Analyzer is able to extract and replace parameter values automatically. With this for instance, CSRF tokens or even whole session characteristics can be auto extracted from responses and replaced in further requests. Each response will be analyzed and tagged on its bypass status.

Open Source Identity and Access Management.
Add authentication to applications and secure services with minimum effort.
No need to deal with storing users or authenticating users.
Keycloak provides user federation, strong authentication, user management, fine-grained authorization, and more.

• Keycloak @ GitHub.
• Deploy Keycloak Single Sign-On With Ansible @ DZone.

Making authentication simple.

authentik is an open-source Identity Provider focused on flexibility and versatility.
It can be seamlessly integrated into existing environments to support new protocols.
authentik is also a great solution for implementing sign-up, recovery,
and other similar features in your application, saving you the hassle of dealing with them.

• authentik @ GitHub.
• GoAuthentik de A à Y @ Une tasse de café :fr:.
• La veille des Ours n°31 @ Bearstech's LinkedIn :fr:.

LDAP Tool Box project

Because even LDAP administrators need help

the open source solution for two factor authentication.
LinOTP accommodates many different OTP algorithms using a modular approach. This includes the OATH standards such as HMAC (RFC 4226) and time-based HMAC. But LinOTP's design makes it easy to create your own tokens with different algorithms, including challenge-response tokens, tokens based on QR codes, and tokens based on push-type messages.

Your connected business card (QRCode or NFC )

FreeOTP is a two-factor authentication application for systems utilizing one-time password protocols. Tokens can be added easily by scanning a QR code. If you need to generate a QR code, try our QR code generator.

Mobile ID Authentication.
Run instant authentication checks on any government issued ID.

Open Source User Authentication & Management.

Multi-provider authentication framework for PHP