meshuga/awesome-auth

A curated list of awesome AuthN+Z libraries and resources.

awesome-auth

A curated list of awesome AuthN+Z libraries, services and resources.

Cloud solutions

Amazon Web Services (AWS)

• AWS IAM - Identity and Access Management for AWS
• AWS SSO - Centrally manage single sign-on (SSO) access to multiple AWS accounts
• Amazon Cognito - SSO for business applications
• AWS Directory Service - AD in the AWS Cloud
• AWS STS - AWS Security Token Service for temporary IAM tokens

Google Cloud Platform (GCP)

• Identity and authentication, the Google Cloud way - Overview of Google approach to identity and access management

Microsoft Azure

• Microsoft identity platform - Evolution of the Azure Active Directory

Authentication

SSO

• Single sign-on - wiki page about SSO
• Central Authentication Service (CAS) - Open Source Enterprise Single Sign On
• Okta - Identity and Access Management as a service; provides broad integrations
• Auth0 - Identity and Access Management as a service
• Cloud-IAM - Keycloak IAM as a Service
• LoginRadius - Identity and Access Management as a service
• FusionAuth - Identity and Access Management, either a service or self-hosted
• PAC4J - The security library for Java
• buzzfeed/sso - A single sign-on solution for securing internal services (Go based)
• cidaas - Cloud Identity & Access Management (Identity and Access Management as a service)

OAuth

• RFC6749 - RFC with OAuth2 definition
• Spring Security OAuth - OAuth implementation for Spring
• OAuth server for PHP - OAuth server for PHP
• ORY Hydra - Go based OAuth and OIDC server
• JSON Web Tokens - All you need to know about JWT
• OAuth+JWT in microservices - Good video on how to use tokens in microservices
• OpenID Connect - Identity layer on top of OAuth
• oauth2-proxy - A reverse proxy that provides authentication with Google, Github or other providers.

SAML

• SAML - Security Assertion Markup Language wiki page
• Spring Security SAML - SAML implementation for Spring
• SAMLTest SAML Testing service
• SAMLkit Development/testing entity

Two-factor authentication

• U2F and UAF spec - 2FA specifications
• Two Factor Auth - List of websites with 2FA info

Passwordless authentication

• MojoAuth - Email and WebAuthN Authentication
• Sawolabs - Authentication without OTPs and Passwords

Authorization

• Role-based access control - wiki page about RBAC
• XACML - XML-based access control markup language
• angular-permissions authorization for AngularJS

Access management

• Authgear - Auhgear is a highly adaptable identity-as-a-service (IDaaS) platform for web and mobile applications.
• Keycloak - Open Source Identity and Access Management
• IdentityServer - .NET based IAM server
• Topaz - Go-native open-source authorization system for cloud-native applications
• ORY - Open Source Identity Infrastructure and Services (Go based)
• casbin - Go authorization library
• OpenAM - (discontinued), successor of OpenSSO
• WSO2 Identity Server - also has SSO, authZ, ...

Tools

• Step CLI - A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.
• JWT DEBUGGER - A simple JWT decoder tool, that can help to verify the JWT and with the help of signature.

Other aggregators

• awesome-keycloak - A curated list of Keycloak related resources
• casbin/awesome-auth - other auth list
• OAuth code libraries
• OIDC code libraries