/glewlwyd

Single Sign On server, OAuth2, Openid Connect, multiple factor authentication with, HOTP/TOTP, FIDO2, TLS Certificates, etc. extensible via plugins

Primary LanguageCOtherNOASSERTION

Glewlwyd SSO server

Build Status C/C++ CI CII Best Practices Say Thanks!

Single-Sign-On (SSO) server with multiple factor authentication.

logged in

Authentication processus supported:

  • OAuth2
  • OpenID Connect

Allows users to authenticate via multiple factors:

  • Password
  • One-time password (TOTP/HOTP)
  • Webauthn (Yubikey, Android devices)
  • One-time password sent via e-mail
  • TLS Certificate
  • External OAuth2/OIDC providers

Users and clients can be stored and managed from various backends:

  • Database
  • LDAP service
  • HTTP Backend service providing Basic Authentication

Allows users to register a new account with the possibility to confirm their e-mail address or not. During the registration process, the new user may be expected to register their passwords, as well as other authentication factors:

  • One-time password (TOTP/HOTP)
  • Webauthn (Yubikey, Android devices)
  • TLS Certificate
  • External OAuth2/OIDC providers

See the register documentation for more information on the registration features.

Based on a plugin architecture to make it easier to add or update storing backends, authentication schemes or processus.

Allows passwordless authentication.

Adding new authentication schemes or backend storage for users and clients is possible via the plugin architecture.

The backend API server is fully written in C and uses a small amount of resources.

Its plugin architecture makes it easy to add new modules or plugins, or modify existing ones with less risks to have unmaintainable code.

Glewlwyd 2.3 is released. Feel free to install, test it, and send feedbacks if you feel like it.

Important! Due to a complete database reworking of the application, you can't upgrade an existing installation from Glewlwyd 1.x to Glewlwyd 2.x.

Installation

The full installation documentation is available in the install documentation.

Docker

A docker image is available for tests on localhost, run the following command:

$ docker run --rm -it -p 4593:4593 babelouest/glewlwyd

And open the address http://localhost:4593/ on your browser.

  • User: admin
  • Password: password

More information in the install documentation.

Getting started

The Getting started documentation will help administrators configure Glewlwyd's modules and authentication schemes.

User documentation

The user documentation will help Glewlwyd's users manage their profile and log in to Glewlwyd.

Core API

The full core REST API documention is available in the API documentation

Plugins architecture

You can update the existing plugins or add new ones depending on your needs, check out the documentation available for each type of plugin:

Screenshots

Go to the Screenshots folder to get a visual idea of Glewlwyd.

Questions, problems or feature requests

You can open an issue, a pull request or send me an e-mail. Any help is much appreciated!

You can visit the IRC channel #glewlwyd on the Freenode network.