Related Projects

hydra - OAuth2 server with OpenID Connect - cloud native, security-first, open source API security for your infrastructure


ORY Hydra is a hardened OAuth2 and OpenID Connect server optimized for low-latency, high throughput, and low resource consumption. ORY Hydra is not an identity provider (user sign up, user log in, password reset flow), but connects to your existing identity provider through a consent app. Implementing the consent app in a different language is easy, and exemplary consent apps (Go, Node) and SDKs (Go, Node) are provided.Besides mitigating various attack vectors, such as database compromisation and OAuth 2.0 weaknesses, ORY Hydra is able to securely manage JSON Web Keys, and has a sophisticated policy-based access control you can use if you want to. Click here to read more about security.

fosite - Extensible security first OAuth 2.0 and OpenID Connect SDK for Go.


The security first OAuth2 & OpenID Connect framework for Go. Built simple, powerful and extensible. This library implements peer-reviewed IETF RFC6749, counterfeits weaknesses covered in peer-reviewed IETF RFC6819 and countermeasures various database attack scenarios, keeping your application safe when that hacker penetrates or leaks your database. OpenID Connect is implemented according to OpenID Connect Core 1.0 incorporating errata set 1 and includes all flows: code, implicit, hybrid.OAuth2 and OpenID Connect are difficult protocols. If you want quick wins, we strongly encourage you to look at Hydra. Hydra is a secure, high performance, cloud native OAuth2 and OpenID Connect service that integrates with every authentication method imaginable and is built on top of Fosite.

MITREid Connect - An OpenID Connect reference implementation in Java on the Spring platform


This project contains a certified OpenID Connect reference implementation in Java on the Spring platform, including a functioning server library, deployable server package, client (RP) library, and general utility libraries. The server can be used as an OpenID Connect Identity Provider as well as a general-purpose OAuth 2.0 Authorization Server.


node-oidc-provider - OpenID Provider(OP) implementation for node


oidc-provider is an OpenID Provider implementation of OpenID Connect. It allows to export a complete mountable or standalone OpenID Provider implementation. This implementation does not dictate a fixed data models or persistence store, instead, you must provide adapters for these. A generic in memory adapter is available to get you started as well as feature-less dev-only views to be able to get off the ground. The following specifications are implemented by oidc-provider. Note that not all features are enabled by default, check the configuration section on how to enable them.

oauth2-server - A spec compliant, secure by default PHP OAuth 2.0 Server


league/oauth2-server is a standards compliant implementation of an OAuth 2.0 authorization server written in PHP which makes working with OAuth 2.0 trivial. You can easily configure an OAuth 2.0 server to protect your API with access tokens, or allow clients to request new access tokens and refresh them.This library was created by Alex Bilbie. Find him on Twitter at @alexbilbie.

osin - Golang OAuth2 server library


OSIN is an OAuth2 server library for the Go language, as specified at http://tools.ietf.org/html/rfc6749 and http://tools.ietf.org/html/draft-ietf-oauth-v2-10.It also includes support for PKCE, as specified at https://tools.ietf.org/html/rfc7636, which increases security for code-exchange flows for public OAuth clients.

Apache Oltu - OAuth protocol implementation in Java


Apache Oltu is an OAuth protocol implementation in Java. It also covers others "OAuth family" related implementations such as JWT, JWS and OpenID Connect.

django-oauth-toolkit - OAuth2 goodies for the Djangonauts!


Django OAuth Toolkit can help you providing out of the box all the endpoints, data and logic needed to add OAuth2 capabilities to your Django projects. Django OAuth Toolkit makes extensive use of the excellent OAuthLib, so that everything is rfc-compliant.We love contributions, so please feel free to fix bugs, improve things, provide documentation. Just follow the guidelines and submit a PR.

django-rest-framework-social-oauth2 - python-social-auth and oauth2 support for django-rest-framework


This module provides a python-social-auth and oauth2 support for django-rest-framework.The first aim of this package is to help setting up social auth for your rest api. It also helps setting up your Oauth2 provider.

flask-oauthlib - OAuthlib implementation for Flask.


Flask-OAuthlib is an extension to Flask that allows you to interact with remote OAuth enabled applications. On the client site, it is a replacement for Flask-OAuth. But it does more than that, it also helps you to create OAuth providers.Flask-OAuthlib relies on oauthlib.

DotNetOpenAuth - A C# implementation of the OpenID, OAuth protocols


The C# implementation of the OpenID, OAuth protocols. Use DotNetOpenAuth to create Identity Providers and Identity Consumers (Relying Parties).

node-oauth2-provider - A simple customizable OAuth 2.0 provider (server) for node.js.


This is a node.js module for implementing OAuth2 servers (providers) that support server-side (code) and client-side (token) OAuth flows. It's very customizable, so you can (and currently, must) take care of OAuth token storage and client lists. In the future, a Mongo or Redis backed abstraction will be provided so you don't need to care about any kind of storage at all.

authlib - An ambitious authentication library for OAuth 1, OAuth 2, OpenID clients and servers.


Authlib is an ambitious authentication library for OAuth 1, OAuth 2, OpenID clients, servers and more. Authlib is compatible with Python2.7+ and Python3.5+.

express-gateway - A microservices API Gateway built on top of ExpressJS


Express Gateway is an API Gateway that sits at the heart of any microservices architecture, regardless of what language or platform you're using. Express Gateway secures your microservices and exposes them through APIs using Node.js, ExpressJS and Express middleware. Developing microservices, orchestrating and managing them now can be done insanely fast all on one seamless platform without having to introduce additional infrastructure. Express Gateway is commerically supported LunchBadger. For more information about support plans please contact info@express-gateway.io.

scala-oauth2-provider - OAuth 2.0 server-side implementation written in Scala


The OAuth 2.0 server-side implementation written in Scala. This provides OAuth 2.0 server-side functionality and supporting function for Play Framework and Akka HTTP.

rest-oauth2-server - Rest OAuth2 Server is a Rails 3 app that let you open up your API and manage end-user authentication and client application authorization implementing the OAuth 2


We are sorry to annunce that due to a lack of time rest oauth2 server is now without a mantainer. For this reason we call the **project dead** and we suggest you to use more solid solution such as Doorkeeper or oPRO. Anyway, we still think this project can be helpful to understand how a OAuth2 server works so if interested in that checkout the code and the whole documentation. It was really nice to have such good people collaborating on this project. P.S. If you are interested about becoming the new mantainer of this project write us.

uaa - CloudFoundry User Account and Authentication (UAA) Server


The UAA is a multi tenant identity management service, used in Cloud Foundry, but also available as a stand alone OAuth2 server. It's primary role is as an OAuth2 provider, issuing tokens for client applications to use when they act on behalf of Cloud Foundry users. It can also authenticate users with their Cloud Foundry credentials, and can act as an SSO service using those credentials (or others). It has endpoints for managing user accounts and for registering OAuth2 clients, as well as various other management functions. The apps all work together with the apps running on the same port (8080) as /uaa, /app and /api.