LFX Insights

Authorization & Policy Management

Tools for defining and enforcing access policies and permissions within systems.

80 projects

145,526 contributors

$4.9B

Laravel Framework

Laravel Framework is an open-source PHP framework for building web applications, offering features such as routing, authentication, and database management.

Contributors

24,107

Organizations

4,609

Software value

$11M

Keycloak

Keycloak is an open source Identity and access management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code. Keycloak is based on standard protocols with an aim toward modern use cases and the flexibility to integrate with other solutions and prevent vendor lock in. Supported protocols include: OAuth2, OpenID Connect, User Managed Access 2.0 (UMA) and SAML 2.0.

Contributors

17,104

Organizations

2,713

Software value

$3.6B

The Symfony PHP Framework

Symfony is a PHP web application framework designed for building robust, scalable, and maintainable web applications using reusable components and a structured MVC architecture. It’s widely used for enterprise-level projects and forms the foundation of many other PHP platforms, including Laravel and Drupal.

Contributors

16,993

Organizations

3,375

Software value

$67M

Vault

Vault is a secure secrets management and data protection system that provides encryption as a service, access control, and key management capabilities. It enables organizations to securely store and control access to tokens, passwords, certificates, API keys, and other sensitive data.

Contributors

8,290

Organizations

2,581

Software value

$29M

Spring Security

Spring Security is a powerful and highly customizable authentication and access-control framework for Java applications, particularly those built with Spring. It provides comprehensive security services for enterprise software applications, including authentication, authorization, and protection against common security vulnerabilities.

Contributors

6,412

Organizations

1,045

Software value

$20M

Better Auth

A library or framework focused on authentication and authorization functionality, likely providing improved authentication mechanisms and security features for applications

Contributors

5,021

Organizations

1,200

Software value

$11M

JumpServer

JumpServer is an open-source PAM (Privileged Access Management) platform that provides secure access control, session monitoring, and audit capabilities for enterprise infrastructure. It enables centralized management of system accounts, SSH keys, and remote access while supporting multi-factor authentication and detailed operation logs.

Contributors

4,583

Organizations

297

Software value

$5.2M

Open Policy Agent

Stop using a different policy language, policy model, and policy API for every product and service you use. Use OPA for a unified toolset and framework for policy across the cloud native stack. Whether for one service or for all your services, use OPA to decouple policy from the service's code so you can release, analyze, and review policies (which security and compliance teams love) without sacrificing availability or performance.

Contributors

4,535

Organizations

1,215

Software value

$257M

OAuth2 Proxy

OAuth2 Proxy is a reverse proxy and static file server that provides authentication using OAuth2 providers to secure HTTP endpoints. It acts as a middleware to protect web applications by requiring users to authenticate via an OAuth2 provider before accessing protected resources.

Contributors

3,881

Organizations

1,236

Software value

$4.5M

Laravel Permission

Associate users with roles and permissions

Contributors

2,925

Organizations

464

Software value

$373K

Micronaut Framework

Micronaut is a modern JVM-based framework for building modular, easily testable microservices and serverless applications. It provides dependency injection, AOP, configuration management, and cloud-native features with fast startup time and reduced memory footprint.

Contributors

2,679

Organizations

486

Software value

$16M

Laravel Passport

Laravel Passport provides a full OAuth2 server implementation for Laravel applications, enabling secure API authentication through access tokens.

Contributors

2,607

Organizations

593

Software value

$285K

OpenBao

OpenBao is a secure secret management and encryption tool that provides a centralized solution for storing and controlling access to tokens, passwords, certificates, and other sensitive data. It is a fork of HashiCorp Vault focused on maintaining core secret management functionality.

Contributors

2,538

Organizations

562

Software value

$236M

Authelia

Authelia is an open-source authentication and authorization server providing single sign-on (SSO) and 2-factor authentication for web applications. It acts as a portal to secure applications by verifying user identities and controlling access through various authentication methods.

Contributors

2,162

Organizations

453

Software value

$8.8M

ZITADEL

ZITADEL - Identity infrastructure, simplified for you.

Contributors

2,023

Organizations

505

Software value

$44M

Angular OAuth2 OIDC

An Angular library that implements OAuth 2.0 and OpenID Connect (OIDC) protocols for client-side authentication and authorization in Angular applications. It supports various OAuth flows, token management, and integration with identity providers.

Contributors

1,918

Organizations

272

Software value

$1.8M

Ory Kratos

Ory Kratos is an open-source identity and user management system that provides secure authentication, registration, and user management capabilities. It offers features like multi-factor authentication, password recovery, profile management, and identity verification while maintaining compliance with security best practices.

Contributors

1,808

Organizations

602

Software value

$11M

Ory Hydra

Ory Hydra is an OAuth 2.0 and OpenID Connect server (identity provider) that handles authentication and authorization for web and mobile applications. It implements industry security standards, supports various OAuth flows, and provides features like JSON Web Token handling, consent management, and secure session management.

Contributors

1,780

Organizations

555

Software value

$8.7M

WSO2 Identity Server

WSO2 Identity Server is an open-source identity and access management (IAM) solution that enables organizations to manage user identities, secure access to applications and APIs, and implement strong authentication and authorization. It provides features like single sign-on (SSO), multi-factor authentication, identity federation, and compliance with security standards.

Contributors

1,725

Organizations

126

Software value

$20M

Doorkeeper

Doorkeeper is an OAuth 2.0 provider library for Ruby applications that enables authentication and authorization functionality. It allows Ruby applications to act as OAuth 2.0 providers, supporting token generation, client authentication, and resource protection.

Contributors

1,470

Organizations

556

Software value

$597K

Python Social Auth Core

Python Social Auth Core is a Python library that provides a common interface for implementing authentication and authorization using various social providers and protocols like OAuth, OpenID, and others. It serves as the foundation for integrating social login functionality into Python applications.

Contributors

1,303

Organizations

341

Software value

$800K

Casdoor

Casdoor is an open-source Identity and Access Management (IAM) and Single Sign-On (SSO) platform that provides centralized authentication, authorization, and user management capabilities. It supports multiple authentication protocols, social login providers, and offers features like user management, permission control, and organization management.

Contributors

1,301

Organizations

283

Software value

$4.6M

SPIFFE

Inspired by the production infrastructure of Google and others, SPIFFE is a set of open-source standards for securely identifying software systems in dynamic and heterogeneous environments.

Contributors

1,257

Organizations

385

Software value

$19M

Ion Auth

Ion Auth is a simple and lightweight authentication system for CodeIgniter PHP framework. It provides user authentication, role-based access control, and account management features including login, registration, password reset, and user groups.

Contributors

1,223

Organizations

184

Software value

$391K

PHP OAuth 2.0 Server

A spec compliant, secure by default PHP OAuth 2.0 Server

Contributors

1,183

Organizations

375

Software value

$336K

OpenFGA

OpenFGA is a Fine-Grained Authorization System inspired by Google's Zanzibar paper. It’s based on a Relationship-Based Access Control model that is more expressive than alternatives like RBAC/ABAC, while providing high reliability and low latency at scale. The combination of expressiveness and the ability to scale makes it suitable to be used across multiple domains, enabling standardization on a single authorization implementation.

Contributors

1,079

Organizations

303

Software value

$16M

Central Authentication Service (CAS)

CAS (Central Authentication Service) is an enterprise single sign-on solution for web applications. It implements a secure single sign-on protocol that allows users to access multiple applications while providing their credentials only once, supporting various authentication mechanisms and integrations with external identity providers.

Contributors

1,048

Organizations

128

Software value

$21M

CanCanCan

The authorization Gem for Ruby on Rails.

Contributors

1,031

Organizations

303

Software value

$1.3M

Pundit

Pundit is a Ruby authorization library that provides a simple DSL for managing access control rules and permissions in Ruby applications. It helps developers implement authorization policies and role-based access control through a minimal, object-oriented approach.

Contributors

1,008

Organizations

353

Software value

$88K

Casbin

An authorization library that supports access control models like ACL, RBAC, and ABAC in Golang. Discord: https://discord.gg/S5UjpzGZjN

Contributors

1,004

Organizations

225

Software value

$682K

SSSD - System Security Services Daemon

SSSD (System Security Services Daemon) is a system daemon that provides access to various identity and authentication providers, enabling Linux/UNIX systems to authenticate users against remote directories like Active Directory, LDAP, and IPA while maintaining a local cache for offline operation.

Contributors

985

Organizations

208

Software value

$15M

Sa-Token

Sa-Token is a lightweight Java authentication and authorization framework that provides features like login authentication, permission verification, single sign-on, OAuth2.0, and JWT token management. It aims to simplify security implementation in Java applications with minimal configuration.

Contributors

912

Organizations

54

Software value

$2.5M

OpenIddict

OpenIddict is a versatile OpenID Connect server and OAuth 2.0 authorization server framework for ASP.NET Core and .NET. It provides a comprehensive solution for implementing authentication and authorization in .NET applications, supporting various flows and integration scenarios.

Contributors

909

Organizations

142

Software value

$11M

PacketFence

PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) solution. Boasting an impressive feature set including a captive portal for registration and remediation, centralized wired and wireless management, powerful BYOD management options, 802.1X support, and layer-2 isolation of problematic devices, PacketFence can be used to effectively secure networks, from small to very large heterogeneous networks.

Contributors

898

Organizations

59

Software value

$33M

OAuth2 Server PHP

A PHP library that provides OAuth 2.0 server functionality, allowing developers to implement OAuth 2.0 authorization and authentication in their applications. It includes support for various grant types, token management, and scope handling.

Contributors

881

Organizations

210

Software value

$339K

Linux-PAM

Linux PAM (Pluggable Authentication Modules for Linux) project

Contributors

792

Organizations

195

Software value

$2.1M

Authlib

Authlib is a Python library that provides OAuth and OpenID Connect client and server implementations. It offers tools for building OAuth providers and consumers, supporting various OAuth flows, JWT handling, and secure authentication/authorization functionality.

Contributors

777

Organizations

239

Software value

$1.3M

Microsoft Authentication Library for iOS and macOS

The Microsoft Authentication Library (MSAL) for iOS and macOS is a client library that enables mobile and desktop applications to securely authenticate users and access Microsoft Cloud APIs and other protected resources using OAuth2 and OpenID Connect protocols.

Contributors

772

Organizations

87

Software value

$2.3M

CASL

CASL is an authorization library that restricts what resources a given user is allowed to access. It implements Attribute Based Access Control (ABAC) and integrates with popular frameworks like Express.js, React, Vue, and Angular. The library provides a declarative way to manage permissions and roles in JavaScript/TypeScript applications.

Contributors

697

Organizations

178

Software value

$619K

Filament Shield

Filament Shield is a security package for the Laravel Filament admin panel that provides role and permission management functionality. It allows automatic generation of permissions based on resources and pages, and integrates with Spatie's Laravel Permission package to handle access control.

Contributors

675

Organizations

96

Software value

$346K

oidc-client-ts

A TypeScript-based OpenID Connect (OIDC) client library that implements the OIDC and OAuth2 protocols for browser-based applications, providing authentication and authorization functionality

Contributors

671

Organizations

136

Software value

$443K

Guardian

Guardian is an authentication and authorization library for Elixir applications that provides token-based security, flexible permissions, and seamless integration with Phoenix framework. It handles JWT tokens, session management, and access control while being highly configurable and extensible.

Contributors

661

Organizations

234

Software value

$259K

AWS IAM Terraform Module

Terraform module to create AWS IAM resources 🇺🇦

Contributors

651

Organizations

234

Software value

$222K

Apache Ranger

Apache Ranger - To enable, monitor and manage comprehensive data security across the Hadoop platform and beyond

Contributors

603

Organizations

85

Software value

$32M

Ory Oathkeeper

Ory Oathkeeper is an identity and access proxy (IAP) that authorizes HTTP requests based on sets of rules. It acts as a reverse proxy between clients and protected applications, validating incoming requests against configured access rules and enforcing authentication, authorization, and request mutation policies.

Contributors

600

Organizations

209

Software value

$2.5M

Pomerium

Pomerium is an identity-aware access proxy that enables secure access to internal applications and resources. It provides authentication, authorization, and zero-trust security for internal services, acting as a unified gateway for managing access across distributed applications.

Contributors

587

Organizations

234

Software value

$7.1M

Duende Products

Duende Software provides commercial identity and access control products for .NET, including IdentityServer - an OpenID Connect and OAuth 2.0 framework for ASP.NET Core that enables authentication, single sign-on, and API security for modern applications.

Contributors

569

Organizations

88

Software value

$36M

RainLab User Plugin

A user authentication and management plugin for October CMS that provides features like user registration, authentication, authorization, and profile management

Contributors

546

Organizations

67

Software value

$286K

mod_auth_openidc

An Apache module that enables OpenID Connect authentication and authorization for web applications, allowing integration with OpenID Connect providers for user authentication and access control

Contributors

539

Organizations

91

Software value

$815K

go-ldap

A Go client library for interacting with LDAP (Lightweight Directory Access Protocol) servers, providing functionality for LDAP operations like searching, adding, modifying, and deleting directory entries

Contributors

525

Organizations

147

Software value

$253K

FreeIPA

FreeIPA is an integrated security information management solution combining Linux (389) Directory Server, MIT Kerberos, NTP, DNS, and Dogtag certificate system. It provides centralized authentication, authorization and account information by storing data about users, groups, hosts and other objects necessary to manage the security aspects of a network of computers.

Contributors

520

Organizations

75

Software value

$26M

Cedar Policy

Cedar is an open-source policy language and evaluation engine that enables fine-grained access control and authorization decisions. It provides a human-readable syntax for writing security policies and a high-performance validator and interpreter for evaluating authorization requests against those policies.

Contributors

459

Organizations

88

Software value

$14M

Signon

Signon is a single sign-on (SSO) authentication and authorization system used by the UK Government Digital Service (GDS) to manage access to internal administrative web applications. It provides user authentication, role-based permissions, and access control for government staff and third-party users.

Contributors

363

Organizations

57

Software value

$1M

pac4j

pac4j is a security framework that provides authentication and authorization support for Java web applications and web services. It offers multiple authentication mechanisms including OAuth, SAML, OpenID Connect, and custom protocols, along with features for user profile management and security enforcement.

Contributors

354

Organizations

78

Software value

$1.9M

OpenAM

OpenAM is an open-source access management, entitlement and federation server platform that helps organizations manage access to applications and APIs through authentication, authorization and federation services.

Contributors

326

Organizations

25

Software value

$70M

Athenz

A project from Verizon/Yahoo focusing on Kubernetes workload security.

Contributors

322

Organizations

60

Software value

$24M

WildFly Elytron

WildFly Elytron is a security framework that provides authentication, authorization, and security capabilities for WildFly and JBoss EAP applications. It implements security protocols, credential stores, and security realms while offering integration with various authentication mechanisms and identity stores.

Contributors

322

Organizations

43

Software value

$5.4M

Apache Shiro

Contributors

315

Organizations

77

Software value

$2.1M

Conjur

Conjur is an open source security service that provides secrets management, machine identity management, and role-based access control for applications and infrastructure. It enables organizations to secure and manage credentials, API keys, and other sensitive information across cloud-native and traditional environments.

Contributors

297

Organizations

19

Software value

$4.8M

Permify

Permify is an open-source authorization service and policy engine that implements attribute-based access control (ABAC). It provides a scalable solution for managing permissions and access control in applications, with features like policy management, real-time authorization decisions, and integration capabilities.

Contributors

282

Organizations

71

Software value

$5.2M
