LFX Insights

Authorization & Policy Management

Tools for defining and enforcing access policies and permissions within systems.

51 projects

119,121 contributors

$4.4B

Laravel Framework

Laravel Framework is an open-source PHP framework for building web applications, offering features such as routing, authentication, and database management.

Contributors

24,017

Organizations

4,540

Software value

$11M

The Symfony PHP Framework

Symfony is a PHP web application framework designed for building robust, scalable, and maintainable web applications using reusable components and a structured MVC architecture. It’s widely used for enterprise-level projects and forms the foundation of many other PHP platforms, including Laravel and Drupal.

Contributors

16,950

Organizations

3,344

Software value

$66M

Keycloak

Keycloak is an open source Identity and access management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code. Keycloak is based on standard protocols with an aim toward modern use cases and the flexibility to integrate with other solutions and prevent vendor lock-in. Supported protocols include: OAuth2, OpenID Connect, User Managed Access 2.0 (UMA) and SAML 2.0.

Contributors

16,936

Organizations

2,660

Software value

$3.3B

Vault

Vault is a secure secrets management and data protection system that provides encryption as a service, access control, and key management capabilities. It enables organizations to securely store and control access to tokens, passwords, certificates, API keys, and other sensitive data.

Contributors

8,247

Organizations

2,555

Software value

$29M

Spring Security

Spring Security is a powerful and highly customizable authentication and access-control framework for Java applications, particularly those built with Spring. It provides comprehensive security services for enterprise software applications, including authentication, authorization, and protection against common security vulnerabilities.

Contributors

6,344

Organizations

1,013

Software value

$20M

JumpServer

JumpServer is an open-source PAM (Privileged Access Management) platform that provides secure access control, session monitoring, and audit capabilities for enterprise infrastructure. It enables centralized management of system accounts, SSH keys, and remote access while supporting multi-factor authentication and detailed operation logs.

Contributors

4,559

Organizations

301

Software value

$5.2M

Open Policy Agent

Stop using a different policy language, policy model, and policy API for every product and service you use. Use OPA for a unified toolset and framework for policy across the cloud native stack. Whether for one service or for all your services, use OPA to decouple policy from the service's code so you can release, analyze, and review policies (which security and compliance teams love) without sacrificing availability or performance.

Contributors

4,513

Organizations

1,213

Software value

$257M

OAuth2 Proxy

OAuth2 Proxy is a reverse proxy and static file server that provides authentication using OAuth2 providers to secure HTTP endpoints. It acts as a middleware to protect web applications by requiring users to authenticate via an OAuth2 provider before accessing protected resources.

Contributors

3,850

Organizations

1,220

Software value

$4.5M

Laravel Permission

Associate users with roles and permissions

Contributors

2,916

Organizations

455

Software value

$324K

Micronaut Framework

Micronaut is a modern JVM-based framework for building modular, easily testable microservices and serverless applications. It provides dependency injection, AOP, configuration management, and cloud-native features with fast startup time and reduced memory footprint.

Contributors

2,677

Organizations

487

Software value

$16M

Laravel Passport

Laravel Passport provides a full OAuth2 server implementation for Laravel applications, enabling secure API authentication through access tokens.

Contributors

2,603

Organizations

585

Software value

$283K

OpenBao

OpenBao is a secure secret management and encryption tool that provides a centralized solution for storing and controlling access to tokens, passwords, certificates, and other sensitive data. It is a fork of HashiCorp Vault focused on maintaining core secret management functionality.

Contributors

2,484

Organizations

555

Software value

$236M

ZITADEL

ZITADEL - Identity infrastructure, simplified for you.

Contributors

1,982

Organizations

478

Software value

$41M

WSO2 Identity Server

WSO2 Identity Server is an open-source identity and access management (IAM) solution that enables organizations to manage user identities, secure access to applications and APIs, and implement strong authentication and authorization. It provides features like single sign-on (SSO), multi-factor authentication, identity federation, and compliance with security standards.

Contributors

1,712

Organizations

120

Software value

$20M

Doorkeeper

Doorkeeper is an OAuth 2.0 provider library for Ruby applications that enables authentication and authorization functionality. It allows Ruby applications to act as OAuth 2.0 providers, supporting token generation, client authentication, and resource protection.

Contributors

1,473

Organizations

542

Software value

$597K

Casdoor

Casdoor is an open-source Identity and Access Management (IAM) and Single Sign-On (SSO) platform that provides centralized authentication, authorization, and user management capabilities. It supports multiple authentication protocols, social login providers, and offers features like user management, permission control, and organization management.

Contributors

1,262

Organizations

274

Software value

$4.4M

SPIFFE

Inspired by the production infrastructure of Google and others, SPIFFE is a set of open-source standards for securely identifying software systems in dynamic and heterogeneous environments.

Contributors

1,235

Organizations

375

Software value

$19M

PHP OAuth 2.0 Server

A spec compliant, secure by default PHP OAuth 2.0 Server

Contributors

1,180

Organizations

373

Software value

$336K

OpenFGA

OpenFGA is a Fine-Grained Authorization System inspired by Google's Zanzibar paper. It’s based on a Relationship-Based Access Control model that is more expressive than alternatives like RBAC/ABAC, while providing high reliability and low latency at scale. The combination of expressiveness and the ability to scale makes it suitable to be used across multiple domains, enabling standardization on a single authorization implementation.

Contributors

1,060

Organizations

298

Software value

$16M

Central Authentication Service (CAS)

CAS (Central Authentication Service) is an enterprise single sign-on solution for web applications. It implements a secure single sign-on protocol that allows users to access multiple applications while providing their credentials only once, supporting various authentication mechanisms and integrations with external identity providers.

Contributors

1,047

Organizations

125

Software value

$21M

CanCanCan

The authorization Gem for Ruby on Rails.

Contributors

1,030

Organizations

303

Software value

$1.3M

Pundit

Pundit is a Ruby authorization library that provides a simple DSL for managing access control rules and permissions in Ruby applications. It helps developers implement authorization policies and role-based access control through a minimal, object-oriented approach.

Contributors

1,008

Organizations

351

Software value

$88K

Casbin

An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN

Contributors

1,003

Organizations

225

Software value

$671K

SSSD - System Security Services Daemon

SSSD (System Security Services Daemon) is a system daemon that provides access to various identity and authentication providers, enabling Linux/UNIX systems to authenticate users against remote directories like Active Directory, LDAP, and IPA while maintaining a local cache for offline operation.

Contributors

982

Organizations

202

Software value

$15M

OpenIddict

OpenIddict is a versatile OpenID Connect server and OAuth 2.0 authorization server framework for ASP.NET Core and .NET. It provides a comprehensive solution for implementing authentication and authorization in .NET applications, supporting various flows and integration scenarios.

Contributors

907

Organizations

138

Software value

$11M

PacketFence

PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) solution. Boasting an impressive feature set including a captive portal for registration and remediation, centralized wired and wireless management, powerful BYOD management options, 802.1X support, and layer-2 isolation of problematic devices, PacketFence can be used to effectively secure networks, from small to very large heterogeneous networks.

Contributors

893

Organizations

59

Software value

$33M

Linux-PAM

Linux PAM (Pluggable Authentication Modules for Linux) project

Contributors

787

Organizations

188

Software value

$2.1M

AWS IAM Terraform Module

Terraform module to create AWS IAM resources 🇺🇦

Contributors

649

Organizations

224

Software value

$222K

Apache Ranger

Apache Ranger - To enable, monitor and manage comprehensive data security across the Hadoop platform and beyond

Contributors

602

Organizations

85

Software value

$32M

go-ldap

A Go client library for interacting with LDAP (Lightweight Directory Access Protocol) servers, providing functionality for LDAP operations like searching, adding, modifying, and deleting directory entries

Contributors

523

Organizations

137

Software value

$255K

FreeIPA

FreeIPA is an integrated security information management solution combining Linux (389) Directory Server, MIT Kerberos, NTP, DNS, and Dogtag certificate system. It provides centralized authentication, authorization and account information by storing data about users, groups, hosts and other objects necessary to manage the security aspects of a network of computers.

Contributors

520

Organizations

74

Software value

$26M

Cedar Policy

Cedar is an open-source policy language and evaluation engine that enables fine-grained access control and authorization decisions. It provides a human-readable syntax for writing security policies and a high-performance validator and interpreter for evaluating authorization requests against those policies.

Contributors

452

Organizations

87

Software value

$14M

Signon

Signon is a single sign-on (SSO) authentication and authorization system used by the UK Government Digital Service (GDS) to manage access to internal administrative web applications. It provides user authentication, role-based permissions, and access control for government staff and third-party users.

Contributors

363

Organizations

60

Software value

$1M

pac4j

pac4j is a security framework that provides authentication and authorization support for Java web applications and web services. It offers multiple authentication mechanisms including OAuth, SAML, OpenID Connect, and custom protocols, along with features for user profile management and security enforcement.

Contributors

351

Organizations

77

Software value

$1.9M

Athenz

A project from Verizon/Yahoo focusing on Kubernetes workload security.

Contributors

322

Organizations

62

Software value

$24M

WildFly Elytron

WildFly Elytron is a security framework that provides authentication, authorization, and security capabilities for WildFly and JBoss EAP applications. It implements security protocols, credential stores, and security realms while offering integration with various authentication mechanisms and identity stores.

Contributors

321

Organizations

42

Software value

$5.4M

Apache Shiro

Apache Shiro

Contributors

311

Organizations

82

Software value

$2.1M

Permify

Permify is an open-source authorization service and policy engine that implements attribute-based access control (ABAC). It provides a scalable solution for managing permissions and access control in applications, with features like policy management, real-time authorization decisions, and integration capabilities.

Contributors

268

Organizations

68

Software value

$5M

GLAuth

GLAuth is a lightweight LDAP authentication server written in Go that provides a secure and efficient way to manage user authentication and authorization. It supports multiple backends including file-based, S3, and SQL databases, and offers features like TLS encryption, password hashing, and group-based access control.

Contributors

242

Organizations

87

Software value

$173K

MidPoint

Evolveum MidPoint: Identity Management (IDM) and Identity Governance (IGA)

Contributors

193

Organizations

15

Software value

$115M

Paralus

Paralus offers access management for developers, architects, and CI/CD tools to remote K8s clusters by consolidating zero-trust access principles such as transaction level authentication and authorization into a single open-source tool. It helps engineering and architecture teams streamline access control for their fleet of K8s clusters spanning different operating environments, different public clouds and K8s distributions, and on-premises data centers operating behind firewalls.

Paralus grants authorized users seamless and secure access to all clusters with a native and familiar kubectl experience by acting as a proxy between the users and systems needing access and the K8s API server. It also addresses one of K8s’ main pain points by eliminating the burden of managing K8s access controls cluster by cluster. Without Paralus, companies must manually manage access to each cluster using jump hosts or VPNs, and build custom tooling to audit and map all actions performed to a user’s identity – all of which is error-prone and increases the risk of breaches as the number of clusters grows.

Along with helping directly manage role-based access control (RBAC) policies and assignments, Paralus enables:

- Creation of custom roles, users, and groups.
- Custom user role creation and revoking of permissions.
- Ability to control access via pre-configured roles across clusters, namespaces, projects, and more.
- Seamless integration with Identity Providers (IdPs) allowing the use of external authentication engines for users and group definitions, such as GitHub, Google, Azure AD, Okta, and others.
- Automatic logging of all user actions performed for audit and compliance purposes.
- Interact with Paralus either with a modern web GUI (default), a CLI tool called pctl, or Paralus API.

Contributors

145

Organizations

43

Software value

$8.5M

Apache Syncope

Apache Syncope is an open source Identity Access Management (IAM) system that provides comprehensive digital identity management, provisioning, and access governance capabilities. It enables organizations to manage identities, credentials, and access rights across multiple systems and applications through a unified platform.

Contributors

132

Organizations

16

Software value

$13M

Paladin

A project focused on developing tools and solutions for the Linux Foundation's Digital Trust initiatives

Contributors

70

Organizations

12

Software value

$8.5M

Filament Shield

The easiest and most intuitive way to add access management to your Filament Panel; Resources, Pages & Widgets through `spatie/laravel-permission`

This project hasn't been onboarded to LFX Insights.