Authorization

Open-source projects categorized as Authorization
Edit details

Missing quite a few other open source projects in this space like SuperTokens (https://supertokens.com) and Keycloak.

Language: + Go + Ruby + JavaScript + Rust + PHP + Java + TypeScript + Objective-C + Objective-C++ + Python
Topics: Authentication Security access-control Rbac JWT
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

Top 23 Authorization Open-Source Projects

  • casbin

    An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN

    • Project mention: A guide to Auth & Access Control in web apps πŸ” | dev.to | 2023-11-07

    https://casbin.org/ (multiple approaches, multiple languages, provider) Open source authZ library that has support for many access control models (ACL, RBAC, ABAC, …) and many languages (Go, Java, Node.js, JS, Rust, …). While somewhat complex, it is also powerful and flexible. They also have their Casdoor platform, which is authN and authZ provider.

  • Ory Hydra

    OpenID Certifiedβ„’ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.

    • Project mention: Show HN: Open-source OAuth2 server Ory Hydra now 6x faster | news.ycombinator.com | 2024-02-13

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • cas

    Apereo CAS - Identity & Single Sign On for all earthlings and beyond.

    • Project mention: The Central Authentication Service Project | news.ycombinator.com | 2023-08-08

  • OPA (Open Policy Agent)

    Open Policy Agent (OPA) is an open source, general-purpose policy engine.

    • Project mention: Clusters Are Cattle Until You Deploy Ingress | dev.to | 2024-05-30

    Bart: Our numerous podcast discussions with seasoned professionals show that GitOps has been a recurring theme in about 90% of our conversations. Almost every guest we've interviewed has emphasized its importance, often mentioning it as their primary tool alongside other essentials like cert manager, Kyverno, or OPA, depending on their preferences.

  • Pundit

    Minimal authorization through OO design and pure Ruby classes

    • Project mention: A guide to Auth & Access Control in web apps πŸ” | dev.to | 2023-11-07

    https://github.com/varvet/pundit Popular open-source Ruby library focused around the notion of policies, giving you the freedom to implement your own approach based on that.

  • logto

    πŸ§‘β€πŸš€ The better identity infrastructure for developers and the open-source alternative to Auth0.

    • Project mention: Logto v1.12.0 - Organizations, SSO, and MFA | /r/selfhosted | 2023-12-06

  • zitadel

    ZITADEL - The best of Auth0 and Keycloak combined. Built for the serverless era.

    • Project mention: Maintainers of Zitadel and Ory discuss their tradeoffs as identity platforms | news.ycombinator.com | 2024-03-30

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo

  • authentik

    The authentication glue you need.

    • Project mention: Show HN: Stack, the open-source Clerk/Firebase Auth alternative | news.ycombinator.com | 2024-04-14

    If you're looking for a system that has more features, is user friendly, a nice admin ui and easy deployments compared to Keycloak. Please give https://goauthentik.io/ a shot. Not affiliated in any way, just a very happy user.

    It has

    -an admin UI

    - Supports (LDAP, SAML, OAUTH, social logins)

    - MFA, Passkeys

    - Application access based on user groups etc

  • CASL

    CASL is an isomorphic authorization JavaScript library which restricts what resources a given user is allowed to access

    • Project mention: CASL – Isomorphic authorization JavaScript library | news.ycombinator.com | 2024-01-24

  • CanCanCan

    The authorization Gem for Ruby on Rails.

    • Project mention: A guide to Auth & Access Control in web apps πŸ” | dev.to | 2023-11-07

    https://github.com/CanCanCommunity/cancancan (Ruby on Rails ABAC) Same like casl.js, but for Ruby on Rails! Casl.js was actually inspired and modeled by cancancan.

  • Doorkeeper

    Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape.

  • Ockam

    Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications – at massive scale.

    • Project mention: Tunnelmole, an ngrok alternative (open source) | news.ycombinator.com | 2024-03-21

    disclosure: I work at Ockam.

    The Portals for Mac app is an example of the type of thing you could build using the open source stack of protocols. The README (linked by parent) links out to all of the relevant parts of the protocol documentation to explain how these work together. The NAT Traversal (https://github.com/build-trust/ockam/blob/develop/examples/a...) part of the README is probably the best explanation of why the free relay you get via Ockam Orchestrator is a useful part of this demo.

    As for why would anyone trust this: The protocols are designed so you absolutely don't have to trust the relay. Trust is pushed out to the edges that you control and so you're not susceptible to a MITM attack if something like a relay is compromised. The protocol design for all of this is open and documented, and was independently audited by (IMO) some of the best in the business, Trail of Bits: https://docs.ockam.io/reference/protocols.

  • santa

    A binary authorization and monitoring system for macOS

    • Project mention: NoTunes is a macOS application that will prevent Apple Music from launching | news.ycombinator.com | 2024-05-21

    Ah, this is a nice find! I've used Santa[1] to accomplish this with a silent block, which always felt like overkill when I was using it for solely that purpose.

    1. https://github.com/google/santa

  • Grant

    OAuth Proxy

    • Project mention: Most stable and easy to implement Auth with SvelteKit? | /r/sveltejs | 2023-12-05

  • react-native-permissions

    An unified permissions API for React Native on iOS, Android and Windows.

  • OAuth 2.0 Client

    Easy integration with OAuth 2.0 service providers.

  • oso

    Oso is a batteries-included framework for building authorization in your application.

    • Project mention: Who's hiring developer advocates? (October 2023) | dev.to | 2023-10-02

    Link to GitHub -->

  • bouncer

    Laravel Eloquent roles and abilities.

  • Ory Oathkeeper

    A cloud native Identity & Access Proxy / API (IAP) and Access Control Decision API that authenticates, authorizes, and mutates incoming HTTP(s) requests. Inspired by the BeyondCorp / Zero Trust white paper. Written in Go.

  • rolify

    Role management library with resource scoping

  • OAuthLib

    A generic, spec-compliant, thorough implementation of the OAuth request-signing logic

  • cerbos

    Cerbos is the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and manage by writing context-aware access control policies for your application resources.

    • Project mention: How to Implement Authorization in React JS | dev.to | 2024-05-01

    Here, Cerbos comes into the picture.

  • permify

    Open source authorization service inspired by Google Zanzibar to build fine-grained and scalable authorization systems.

    • Project mention: Implementing Role Based Access Control in SvelteKit | dev.to | 2024-05-30

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

Authorization related posts

  • Implementing Role Based Access Control in SvelteKit

    2 projects | dev.to | 30 May 2024

  • How to Model Cloud-Native Authorization

    1 project | dev.to | 13 May 2024

  • 45 Questions to Ask Yourself Before Modeling Authorization

    1 project | dev.to | 9 May 2024

  • Santa: A binary authorization and monitoring system for macOS

    1 project | news.ycombinator.com | 5 May 2024

  • OPA, Cedar, OpenFGA: Why are Policy Languages Trending Right Now?

    1 project | dev.to | 2 May 2024

  • How to Implement Authorization in React JS

    3 projects | dev.to | 1 May 2024

  • Show HN: ZenStack V2 – RLS alternative with declarative Auth rules in Prisma

    2 projects | news.ycombinator.com | 29 Apr 2024
  • A note from our sponsor - InfluxDB
    www.influxdata.com | 1 Jun 2024
    Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more β†’

Index

What are some of the best open-source Authorization projects? This list will help you:

Project Stars
1 casbin 17,020
2 Ory Hydra 15,167
3 cas 10,704
4 OPA (Open Policy Agent) 9,204
5 Pundit 8,177
6 logto 7,395
7 zitadel 7,300
8 authentik 7,426
9 CASL 5,666
10 CanCanCan 5,514
11 Doorkeeper 5,259
12 Ockam 4,360
13 santa 4,327
14 Grant 4,046
15 react-native-permissions 3,933
16 OAuth 2.0 Client 3,613
17 oso 3,418
18 bouncer 3,401
19 Ory Oathkeeper 3,180
20 rolify 3,145
21 OAuthLib 2,757
22 cerbos 2,565
23 permify 2,552

Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com