authelia by authelia

The Single Sign-On Multi-Factor portal for web apps

created at Dec. 7, 2016, 12:56 a.m.

158 +1

19,513 +65

1,027 +1

casbin by casbin

An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN

created at April 8, 2017, 7:51 a.m.

230 +0

16,830 +28

1,587 -1

gitleaks by gitleaks

Protect and discover secrets using Gitleaks 🔑

created at Jan. 27, 2018, 6:19 p.m.

152 +0

15,211 +41

1,308 +3

sops by getsops

Simple and flexible tool for managing secrets

created at Aug. 13, 2015, 10:11 p.m.

116 +0

15,082 +45

809 +2

trufflehog by trufflesecurity

Find and verify credentials

created at Dec. 31, 2016, 5:08 a.m.

167 +0

13,857 +42

1,509 +0

phoneinfoga by sundowndev

Information gathering framework for phone numbers

created at Oct. 25, 2018, 9:19 a.m.

656 +2

11,926 +37

3,259 +8

kratos by ory

Next-gen identity server replacing your Auth0, Okta, Firebase with hardened security and PassKeys, SMS, OIDC, Social Sign In, MFA, FIDO, TOTP and OTP, WebAuthn, passwordless and much more. Golang, headless, API-first. Available as a worry-free SaaS with the fairest pricing on the market!

created at May 29, 2018, 4:09 p.m.

113 +2

10,550 +27

930 +1

opa by open-policy-agent

Open Policy Agent (OPA) is an open source, general-purpose policy engine.

created at Dec. 28, 2015, 10:08 p.m.

125 +1

9,118 +13

1,257 -1

casdoor by casdoor

An open-source UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, RADIUS, Google Workspace, Active Directory and Kerberos

created at Oct. 22, 2020, 2:40 p.m.

63 +1

8,576 +39

1,012 +8

cfssl by cloudflare

CFSSL: Cloudflare's PKI and TLS toolkit

created at July 7, 2014, 11:49 p.m.

215 +0

8,446 +18

1,085 +3

zitadel by zitadel

ZITADEL - Identity infrastructure, simplified for you.

created at March 16, 2020, 1:51 p.m.

40 +0

7,009 +57

416 +11

keto by ory

Open Source (Go) implementation of "Zanzibar: Google's Consistent, Global Authorization System". Ships gRPC, REST APIs, newSQL, and an easy and granular permission language. Supports ACL, RBAC, and other access models.

created at March 17, 2018, 10:40 a.m.

57 +0

4,602 +13

335 +2

spicedb by authzed

Open Source, Google Zanzibar-inspired permissions database to enable fine-grained access control for customer applications

created at Aug. 16, 2021, 3:32 p.m.

37 +0

4,494 +34

242 +1

pomerium by pomerium

Pomerium is an identity and context-aware access proxy.

created at Jan. 1, 2019, 8:04 a.m.

39 +0

3,836 +10

274 +0

oathkeeper by ory

A cloud native Identity & Access Proxy / API (IAP) and Access Control Decision API that authenticates, authorizes, and mutates incoming HTTP(s) requests. Inspired by the BeyondCorp / Zero Trust white paper. Written in Go.

created at Sept. 25, 2017, 11:04 a.m.

47 +0

3,164 +6

342 +0

cerbos by cerbos

Cerbos is the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and manage by writing context-aware access control policies for your application resources.

created at March 21, 2021, 1:23 p.m.

29 +0

2,505 +27

116 +0

ladon by ory

A SDK for access control policies: authorization for the microservice and IoT age. Inspired by AWS IAM policies. Written for Go.

created at Oct. 16, 2015, 3:21 p.m.

63 +0

2,345 +3

226 -1

loginsrv by tarent

JWT login microservice with plugable backends such as OAuth2, Google, Github, htpasswd, osiam, ..

created at Nov. 11, 2016, 12:11 p.m.

50 +0

1,912 +0

151 +0

topaz by aserto-dev

Cloud-native authorization for modern applications and APIs

created at Oct. 23, 2022, 3:54 p.m.

11 +0

971 +5

20 +0

warrant by warrant-dev

Warrant is a highly scalable, centralized authorization service based on Google Zanzibar, used for defining, querying, and auditing application authorization models and access control rules.

created at Feb. 14, 2023, 11:22 p.m.

4 +0

967 -1

26 +0