oauth
MCP OAuth Proxy incl. dynamic client registration (DCR), MCP prompt analytics and MCP firewall to build enterprise grade MCP servers.
Jetski is an Open Source MCP Analytics and Authentication Platform - part of HyprMCP. It solves the three biggest problems teams face when developing MCP servers with zero code changes:
Command-line OAuth2 authentication daemon.
pizauth is a simple program for requesting, showing, and refreshing OAuth2 access tokens. pizauth is formed of two components: a persistent server which interacts with the user to request tokens, and refreshes them as necessary; and a command-line interface which can be used by programs such as fdm, neomutt, or msmtp to authenticate with OAuth2.
Related contents:
OAuth credential MAnager.
Many IMAP/SMTP clients, like msmtp, fdm, isync, aerc, neomutt or mutt can use OAuth2 access tokens but lack the ability to renew and/or authorize OAuth2 credentials. The purpose of oama is to provide these missing capabilities by acting as a kind of smart password manager. In particular, access token renewal happens automatically in the background transparent to the user.
Related contents:
Login screen for your apps. The simplest way to protect your apps with a login screen.
Tinyauth is a simple authentication middleware that adds a simple login screen or OAuth with Google, Github and any provider to all of your docker apps. It supports all the popular proxies like Traefik, Nginx and Caddy.
Related contents:
A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.
OAuth2-Proxy is a flexible, open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing reverse proxy or load balancer setups. It provides a simple and secure way to protect your web applications with OAuth2 / OIDC authentication. As a reverse proxy, it intercepts requests to your application and redirects users to an OAuth2 provider for authentication. As a middleware, it can be seamlessly integrated into your existing infrastructure to handle authentication for multiple applications.
Related contents:
Login screen for your apps.
The simplest way to protect your apps with a login screen.
Tinyauth is a simple authentication middleware that adds simple username/password login or OAuth with Google, Github and any generic OAuth provider to all of your docker apps. It is made for traefik but it can be extended to work with all reverse proxies like caddy and nginx.
An open protocol to allow secure authorization in a simple and standard method from web, mobile and desktop applications.
Related contents:
▦ Universal, standards-based auth provider.
OpenAuth is a standards-based auth provider for web apps, mobile apps, single pages apps, APIs, or 3rd party clients.
Effortless OAuth and Authentication, Built for Flexibility and Control.
Melody Auth is turnkey OAuth & authentication system that can be seamlessly deployed on Cloudflare’s infrastructure, utilizing Workers, D1, and KV, or self-hosted with Node.js, Redis, and PostgreSQL. It provides a robust and user-friendly solution for implementing and hosting your own oauth and authentication system with minimal configuration required.
an SSO and OAuth / OIDC login solution for Nginx using the auth_request module.
An SSO solution for Nginx using the auth_request module. Vouch Proxy can protect all of your websites at once.
Vouch Proxy supports many OAuth and OIDC login providers and can enforce authentication
Authentication for the Web.
Auth.js is a complete open-source authentication solution for web applications.
Minimal forward authentication service that provides Google/OpenID oauth based login and authentication for the traefik reverse proxy.
A minimal forward authentication service that provides OAuth/SSO login and authentication for the traefik reverse proxy/load balancer.
Keycloak is an Open Source Identity and Access Management solution for modern Applications and Services.
Lucia is a simple yet flexible user and session management library that provides an abstraction layer between your app and your database. It's bare-bones by design, keeping everything easy to use and understand, and ensures type-safetly so you can use it confidently.
Open Source Identity and Access Management. Add authentication to applications and secure services with minimum effort. No need to deal with storing users or authenticating users. Keycloak provides user federation, strong authentication, user management, fine-grained authorization, and more.
Related contents:
Making authentication simple.
authentik is an open-source Identity Provider focused on flexibility and versatility. It can be seamlessly integrated into existing environments to support new protocols. authentik is also a great solution for implementing sign-up, recovery, and other similar features in your application, saving you the hassle of dealing with them.
Sources:
- GoAuthentik de A à Y @ Une tasse de café :fr:.
- La veille des Ours n°31 @ Bearstech's LinkedIn :fr:.
- Ultimate Authentik Docker Compose Guide with Traefik 2025 @ SmartHomeBeginner.
- Improving Security with Hardware Keys - Authentik & Pocket-ID @ Jim's Garage's YouTube.
- Secure Jellyfin with Authentik (SSO + LDAP + 2FA/MFA Tutorial) @ IBRACORP's YouTube.
- Manage Authentik Resources in Terraform @ Christian Lempa's YouTube.
A client-side Javascript SDK for authenticating with OAuth2 (and OAuth1 with a oauth proxy) web services and querying their REST API's. HelloJS standardizes paths and responses to common API's like Google Data Services, Facebook Graph and Windows Live Connect. Its modular so that list is growing. No more spaghetti code!