authelia by authelia

The Single Sign-On Multi-Factor portal for web apps

created at Dec. 7, 2016, 12:56 a.m.

166 +1

21,750 +80

1,129 +2

gitleaks by gitleaks

Protect and discover secrets using Gitleaks 🔑

created at Jan. 27, 2018, 6:19 p.m.

163 +0

17,953 +114

1,469 +6

casbin by casbin

An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN

created at April 8, 2017, 7:51 a.m.

238 +0

17,809 +32

1,650 +5

trufflehog by trufflesecurity

Find, verify, and analyze leaked credentials

created at Dec. 31, 2016, 5:08 a.m.

175 +0

17,256 +178

1,711 +6

sops by getsops

Simple and flexible tool for managing secrets

created at Aug. 13, 2015, 10:11 p.m.

119 +0

17,010 +50

877 -1

phoneinfoga by sundowndev

Information gathering framework for phone numbers

created at Oct. 25, 2018, 9:19 a.m.

675 +0

13,160 +49

3,689 +16

kratos by ory

The most scalable and customizable identity server on the market. Replace your Homegrown, Auth0, Okta, Firebase with better UX and DX. Has all the tablestakes: Passkeys, Social Sign In, Multi-Factor Auth, SMS, SAML, TOTP, and more. Written in Go, cloud native, headless, API-first. Available as a service on Ory Network and for self-hosters.

created at May 29, 2018, 4:09 p.m.

112 +0

11,293 +26

963 -2

casdoor by casdoor

An open-source UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, RADIUS, Google Workspace, Active Directory and Kerberos

created at Oct. 22, 2020, 2:40 p.m.

72 +1

10,204 +57

1,203 +4

opa by open-policy-agent

Open Policy Agent (OPA) is an open source, general-purpose policy engine.

created at Dec. 28, 2015, 10:08 p.m.

128 -1

9,712 +35

1,346 +3

zitadel by zitadel

ZITADEL - Identity infrastructure, simplified for you.

created at March 16, 2020, 1:51 p.m.

46 +1

8,998 +73

573 +8

cfssl by cloudflare

CFSSL: Cloudflare's PKI and TLS toolkit

created at July 7, 2014, 11:49 p.m.

215 +0

8,766 +13

1,112 +1

spicedb by authzed

Open Source, Google Zanzibar-inspired database for scalably storing and querying fine-grained authorization data

created at Aug. 16, 2021, 3:32 p.m.

43 +0

5,137 +23

278 -1

permify by Permify

An open-source authorization as a service inspired by Google Zanzibar, designed to build and manage fine-grained and scalable authorization systems for any application.

created at July 14, 2022, 11:16 a.m.

26 +0

4,957 +25

224 +1

keto by ory

The most scalable and customizable permission server on the market. Fix your slow or broken permission system with Google's proven "Zanzibar" approach. Supports ACL, RBAC, and more. Written in Go, cloud native, headless, API-first. Available as a service on Ory Network and for self-hosters.

created at March 17, 2018, 10:40 a.m.

57 +0

4,841 +12

347 -2

pomerium by pomerium

Pomerium is an identity and context-aware access proxy.

created at Jan. 1, 2019, 8:04 a.m.

39 +2

4,054 +7

284 +0

cerbos by cerbos

Cerbos is the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and manage by writing context-aware access control policies for your application resources.

created at March 21, 2021, 1:23 p.m.

30 +0

3,284 +129

143 +1

oathkeeper by ory

A cloud native Identity & Access Proxy / API (IAP) and Access Control Decision API that authenticates, authorizes, and mutates incoming HTTP(s) requests. Inspired by the BeyondCorp / Zero Trust white paper. Written in Go.

created at Sept. 25, 2017, 11:04 a.m.

47 +0

3,261 +6

359 -1

ladon by ory

A SDK for access control policies: authorization for the microservice and IoT age. Inspired by AWS IAM policies. Written for Go.

created at Oct. 16, 2015, 3:21 p.m.

63 +0

2,402 +0

225 +0

loginsrv by tarent

JWT login microservice with plugable backends such as OAuth2, Google, Github, htpasswd, osiam, ..

created at Nov. 11, 2016, 12:11 p.m.

50 +0

1,920 +0

148 +0

warrant by warrant-dev

Warrant is a highly scalable, centralized authorization service based on Google Zanzibar. Use it to define, enforce, query, and audit application authorization and access control.

created at Feb. 14, 2023, 11:22 p.m.

4 +0

1,163 +9

44 +0