awesome-repositories.com
Blog
awesome-repositories.com

Entdecke die besten Open-Source-Repositories mit KI-gestützter Suche.

EntdeckenKuratierte SuchenOpen-Source-AlternativenSelf-hosted SoftwareBlogSitemap
ProjektÜber unsRanking-MethodikPresseMCP-Server
RechtlichesDatenschutzAGB
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·
stack-auth avatar

stack-auth/stack-auth

0
View on GitHub↗
6,699 Stars·507 Forks·TypeScript·other·9 Aufrufestack-auth.com↗

Stack Auth

Stack Auth is an open-source authentication and authorization platform that provides pre-built UI components, OAuth integration, team management, and session handling for web applications. It offers a complete authentication lifecycle covering sign-in, sign-up, session management, password recovery, and multi-factor security, with support for passkey authentication and OAuth providers including Google, GitHub, and Apple.

The platform includes a team-based permission system with role-based access control, allowing users to be organized into teams with granular permissions for membership management and resource access. It provides server-side session management with cookie-based token exchange, API-key-based authentication for programmatic access, and webhook event delivery with signed, tamper-proof HTTP callbacks and automatic retries. The system also captures client-side analytics and session replays for debugging and usage analysis.

Beyond authentication, Stack Auth handles billing and payments with support for subscriptions, one-time charges, and usage metering for individuals or teams. It includes an email notification system with customizable templates, themes, and user-controlled preferences, along with data storage capabilities for JSON metadata and encrypted secrets on user and team records. The platform offers a production mode with a pre-launch checklist for domain setup, callback locking, and secret rotation.

Features

  • Authentication-as-a-Service - Provides pre-built authentication flows with OAuth, passkeys, and session management for web apps.
  • Team Member Management - Organizes users into teams with role-based access control, invitations, and member management.
  • Team Member Invitations - Sends email invitations to join teams with role-based access control and a team switcher.
  • Webhook Delivery - Sends real-time backend notifications via POST requests with signed JSON payloads to configurable endpoints.
  • Webhook Event Receivers - Receives POST requests with JSON payloads at configured server URLs for user and team events.
  • Team Management - Creates teams, manages members, assigns role-based permissions, and stores team-specific profiles.
  • Team Creators - Creates new teams and optionally adds the creator with default permissions from the dashboard.
  • Team Deleters - Deletes teams, requiring the delete team permission on the client side.
  • Team-Scoped Access Control - Groups users into teams with granular permissions for membership management and resource access control.
  • Webhook Configuration - Ships interfaces for defining and managing webhook endpoints and routing parameters.
  • Signed Webhook Deliveries - Sends signed, tamper-proof webhooks with automatic retries and dashboard-based endpoint management.
  • Webhook Event Consumers - Processes incoming webhook payloads to drive system integrations.
  • API Key Authentication - Validates incoming API calls by checking the provided API key against stored user or team credentials.
  • API Key Management - Generates and manages scoped API keys for programmatic access to user and team resources.
  • Key Lifecycle Dashboards - Ships a dashboard for generating and rotating scoped API keys programmatically.
  • Pre-built Authentication Components - Ships ready-made sign-in, sign-up, and user management components that drop into any page.
  • Server-Side Session Stores - Creates and maintains authenticated sessions using server-side storage and cookie-based token exchange.
  • Open-Source Authentication Platforms - An open-source authentication and authorization platform with pre-built UI components and team management.
  • OAuth Token Exchanges - Provides an API to retrieve current OAuth access tokens for authorized external API calls.
  • OAuth Provider Integrations - Integrates with Google, GitHub, and Apple so users can sign in with existing accounts.
  • Passkey Authentication - Lets users sign in using device-based biometric or PIN authentication without a password.
  • Unified Passkey and OAuth Sign-in Flows - Handles sign-in flows including passkeys, OAuth providers, and CLI authentication with a single drop-in component.
  • Embedded Authentication Forms - Renders pre-built forms for user authentication, including credential and magic link sign-in options.
  • Team Action Permission Checks - Verifies a user has the required permission before performing an action on a team.
  • Role-Based Access Control - Defines and enforces granular access permissions for users and teams based on assigned roles.
  • Route Protection - Redirects unauthenticated visitors to the sign-in page using client hooks, server calls, or middleware.
  • Session Authentication - Creates, maintains, and terminates authenticated sessions across client and server components.
  • Full Lifecycle Managers - Creates, maintains, and terminates authenticated sessions across the application for each user.
  • Sign-Up Form Customizations - Builds a custom sign-up form by replacing the default component with a tailored implementation.
  • Webhook Integrations - Fires HTTP callbacks on user events so external systems react to sign-ups, logins, and other actions.
  • Authentication UI Components - Renders pre-built authentication forms and management interfaces as replaceable React components with customizable styling.
  • Sign-In Page Customizations - Builds a custom sign-in page by replacing the default component with a tailored implementation.
  • Email and Notifications - Sends transactional and marketing emails with customizable themes, templates, and user preference management.
  • Customizable Email Notification Platforms - Provides an email system with customizable templates, SMTP integration, and user-controlled preferences.
  • User Activity Dashboards with Session Replays - Provides live active-user counts, session replays, and dashboard building with plain-English or SQL queries.
  • Billing and Usage - Handles subscriptions, one-time charges, and usage metering with credits for users or teams.
  • Usage Metering & Billing - Handles subscriptions, one-time charges, and usage-based billing for individuals or teams.
  • Transactional Emailing - Sends automated emails for user verification, password resets, and other account-related events.
  • Unified Email Dispatch Services - Delivers both transactional and marketing emails from one API with AI template editing and tracking.
  • Prebuilt Management Interfaces - Provides ready-made UI components for users and teams to manage their own API keys.
  • CLI-Based Authentication - Opens a browser-based login flow from a terminal so users can authenticate with their existing accounts.
  • Callback Domain Validators - Restricts authentication callbacks to the project's registered domain to block token interception.
  • API Key Authentication - Generates and manages scoped API keys that authenticate programmatic access to user and team resources.
  • User Profile Management - Modifies a user's display name, email, or other profile fields through a direct update call.
  • Account Merging - Links a new OAuth sign-in to an existing account when the provider identity matches.
  • Custom Provider Configurations - Lets projects use their own OAuth app credentials so the consent screen shows their brand.
  • Scope Requests - Specifies the permissions an application needs from an external provider during sign-in.
  • Forgot Password Flows - Provides a customizable forgot password page with a tailored implementation.
  • User Session Termination - Ends the user's session and redirects them to a configured post-logout page.
  • Two-Factor Authentication - Requires users to provide a second verification factor during sign-in to strengthen account security.
  • Account Approval Workflows - Marks new accounts as restricted until an administrator reviews and approves them.
  • Password Resets - Provides a customizable password reset flow with a tailored implementation.
  • User Profile Retrieval - Returns the signed-in user's data in a client component, or null when no user is authenticated.
  • Server-Side Retrievals - Fetches the signed-in user's data once during server-side rendering, without reactive updates.
  • Sign-up Rule Evaluators - Evaluates sign-up attempts against customizable rules based on email domain or auth method.
  • Webhook Security - Validates cryptographic signatures on incoming webhook payloads to confirm origin and prevent replay attacks.
  • Dashboard Builders - Provides live active user counts, session replays, and natural-language querying for building dashboards.
  • Session Replays - Plays back recorded user sessions with filtering by user, team, duration, and click count.
  • Analytics - Provides live active-user counts, session replays, and natural-language querying for building dashboards.
  • Client-Side - Captures client-side events and records user sessions for debugging and usage analysis.
  • Analytics Tracking - Ships a built-in analytics dashboard that collects and displays usage metrics and user activity data.
  • Client-Side Analytics Instrumentation - Automatically records browser interactions and session data through an initialized SDK for later query and replay.
  • Usage Analytics - Collects and displays metrics on user activity, sign-ups, and feature adoption through a dashboard.
  • User Avatar Dropdowns - Displays the user's avatar and opens a dropdown menu for accessing account settings and preferences.
  • User Profiles - Shows the currently authenticated user's account information and settings within the application UI.

Star-Verlauf

Star-Verlauf für stack-auth/stack-authStar-Verlauf für stack-auth/stack-auth

KI-Suche

Entdecke weitere awesome Repositories

Beschreibe in einfachen Worten, was du brauchst — die KI bewertet tausende kuratierte Open-Source-Projekte nach Relevanz.

Start searching with AI

Open-Source-Alternativen zu Stack Auth

Ähnliche Open-Source-Projekte, sortiert nach der Anzahl der gemeinsamen Funktionen mit Stack Auth.
  • teamhanko/hankoAvatar von teamhanko

    teamhanko/hanko

    8,801Auf GitHub ansehen↗

    Hanko is an open-source identity provider and customer identity and access management system. It serves as a passkey authentication service and an OAuth and SAML SSO gateway, allowing applications to authenticate users and issue tokens via standard identity protocols. The project distinguishes itself through a strong focus on passwordless access using WebAuthn-based passkeys and email-based passcodes. It provides framework-agnostic authentication interfaces as customizable web components that can be embedded directly into web applications to handle login, registration, and profile management.

    Go2faauthenticationciam
    Auf GitHub ansehen↗8,801
  • supertokens/supertokens-coreAvatar von supertokens

    supertokens/supertokens-core

    14,922Auf GitHub ansehen↗

    SuperTokens Core is an open-source, self-hosted authentication and identity management platform designed for deployment within private infrastructure. It provides a comprehensive suite for managing user accounts, roles, and secure authentication flows, utilizing a modular, recipe-based architecture that allows developers to enable specific security features without modifying the core codebase. The platform distinguishes itself through its robust multi-tenancy capabilities, which allow for the logical or physical isolation of user records and configuration settings across different organizatio

    Javaauth0authenticationaws-cognito
    Auf GitHub ansehen↗14,922
  • projectdiscovery/subfinderAvatar von projectdiscovery

    projectdiscovery/subfinder

    13,105Auf GitHub ansehen↗

    Subfinder is a security reconnaissance framework designed for subdomain enumeration and attack surface management. It functions as a discovery engine that identifies and maps internet-exposed infrastructure, cloud-hosted assets, and network ranges to maintain a comprehensive inventory of an organization's digital footprint. The project distinguishes itself through a modular, template-driven scanning engine that executes security checks against discovered assets. It leverages cloud-native asset discovery to query provider APIs and infrastructure metadata, while supporting distributed agent orc

    Gobugbountyhackinghacktoberfest
    Auf GitHub ansehen↗13,105
  • fingerprintjs/fingerprintjsAvatar von fingerprintjs

    fingerprintjs/fingerprintjs

    27,334Auf GitHub ansehen↗

    Fingerprint is a visitor identification and fraud detection platform that generates persistent, unique identifiers by analyzing browser and device attributes. By extracting technical signals from the client environment, it enables reliable user tracking across sessions without relying on traditional cookies. The platform distinguishes itself through its focus on high-accuracy identification and security-first architecture. It employs edge-side proxying to bypass ad-blockers and privacy restrictions, ensuring consistent data collection. To maintain data integrity, it uses cryptographic payload

    TypeScriptaudio-fingerprintingbrowserbrowser-fingerprint
    Auf GitHub ansehen↗27,334
Alle 30 Alternativen zu Stack Auth anzeigen→

Häufig gestellte Fragen

Was macht stack-auth/stack-auth?

Stack Auth is an open-source authentication and authorization platform that provides pre-built UI components, OAuth integration, team management, and session handling for web applications. It offers a complete authentication lifecycle covering sign-in, sign-up, session management, password recovery, and multi-factor security, with support for passkey authentication and OAuth providers including Google, GitHub, and Apple.

Was sind die Hauptfunktionen von stack-auth/stack-auth?

Die Hauptfunktionen von stack-auth/stack-auth sind: Authentication-as-a-Service, Team Member Management, Team Member Invitations, Webhook Delivery, Webhook Event Receivers, Team Management, Team Creators, Team Deleters.

Welche Open-Source-Alternativen gibt es zu stack-auth/stack-auth?

Open-Source-Alternativen zu stack-auth/stack-auth sind unter anderem: teamhanko/hanko — Hanko is an open-source identity provider and customer identity and access management system. It serves as a passkey… supertokens/supertokens-core — SuperTokens Core is an open-source, self-hosted authentication and identity management platform designed for… projectdiscovery/subfinder — Subfinder is a security reconnaissance framework designed for subdomain enumeration and attack surface management. It… fingerprintjs/fingerprintjs — Fingerprint is a visitor identification and fraud detection platform that generates persistent, unique identifiers by… laravel/jetstream — Jetstream is an application scaffold for Laravel that provides a pre-built identity system and team collaboration… usekaneo/kaneo — Kaneo is an open-source project management platform built around a kanban board interface for organizing tasks into…