awesome-repositories.com
Blog
awesome-repositories.com

Descubre los mejores repositorios open-source con nuestra búsqueda potenciada por IA.

ExplorarBúsquedas curadasAlternativas open-sourceSoftware autohospedableBlogMapa del sitio
ProyectoAcerca deCómo clasificamosPrensaServidor MCP
Aviso legalPrivacidadTérminos
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·
Back to authlib/authlib

Open-source alternatives to Authlib

30 open-source projects similar to authlib/authlib, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Authlib alternative.

  • lepture/authlibAvatar de lepture

    lepture/authlib

    5,346Ver en GitHub↗

    Authlib is a comprehensive Python framework for implementing OAuth 1.0, OAuth 2.0, and OpenID Connect clients and servers. It provides a complete toolkit for identity management, spanning the development of authorization servers, resource servers, and client-side integrations. The library distinguishes itself through a full implementation of the JOSE specifications, including JSON Web Tokens, Encryption, Signatures, and Keys. It features specialized capabilities for non-interactive authentication via service account assertion frameworks and a compliance-correction layer designed to handle ide

    Python
    Ver en GitHub↗5,346
  • doorkeeper-gem/doorkeeperAvatar de doorkeeper-gem

    doorkeeper-gem/doorkeeper

    5,501Ver en GitHub↗

    Doorkeeper is an OAuth 2 authorization server and provider for Ruby on Rails and Grape applications. It provides the necessary framework to build an authorization server that issues and validates security tokens for third-party applications, effectively acting as a security middleware to protect API endpoints. The project integrates an identity layer via OpenID Connect to verify user identities and retrieve profile information. It supports a variety of security patterns, including the implementation of the PKCE flow for public clients and the issuance of stateless JSON Web Tokens. Its broade

    Ruby
    Ver en GitHub↗5,501
  • anomalyco/openauthAvatar de anomalyco

    anomalyco/openauth

    6,971Ver en GitHub↗

    OpenAuth is a standards-based authentication server and identity provider that implements OAuth 2.0 and OpenID Connect protocols. It serves as a centralized system for managing user identities, issuing access tokens, and orchestrating authentication flows across various services. The project functions as a federated identity gateway, aggregating external providers such as Google, GitHub, Microsoft, Apple, and Discord into a unified login flow. It distinguishes itself with a multi-tenant architecture that supports pluggable identity providers and customizable user interface frameworks for bran

    TypeScript
    Ver en GitHub↗6,971

Búsqueda con IA

Explora más repositorios increíbles

Describe lo que necesitas en lenguaje sencillo: la IA clasifica miles de proyectos open-source curados por relevancia.

Find more with AI search
  • thephpleague/oauth2-serverAvatar de thephpleague

    thephpleague/oauth2-server

    6,650Ver en GitHub↗

    This project is a PHP library for implementing a spec-compliant OAuth 2.0 authorization server. It serves as an authentication framework for managing user identities and client authorizations, providing the necessary components to issue and validate access and refresh tokens. The server supports a wide range of standardized authorization flows, including authorization code exchange, device grants, implicit flows, and PKCE enforcement. It handles complex token lifecycles through refresh token rotation, scope management, and the use of asymmetric keys for signing digital tokens. The system pro

    PHPoauthoauth2oauth2-server
    Ver en GitHub↗6,650
  • openiddict/openiddict-coreAvatar de openiddict

    openiddict/openiddict-core

    5,168Ver en GitHub↗

    This project is a .NET identity stack and server framework used to build certified OpenID Connect and OAuth 2.0 identity providers. It provides the core logic required to issue and validate security tokens and manage user authentication across various grant types and protocol flows. The framework includes a protocol translation layer that bridges OpenID Connect and SAML to enable interoperability between different identity providers. It also supports a stateless mode of operation, which removes built-in validation and storage to allow for manual control over token and client verification. Th

    C#
    Ver en GitHub↗5,168
  • jwtk/jjwtAvatar de jwtk

    jwtk/jjwt

    11,085Ver en GitHub↗

    This is a Java library and framework for creating, parsing, and validating JSON Web Tokens within Java and Android applications. It provides a comprehensive toolkit for handling signed and encrypted tokens, including the generation and verification of JWS and JWE objects. The project differentiates itself through a flexible architecture that supports pluggable JSON serialization and custom signature algorithms. It includes a dedicated key manager for generating, encoding, and organizing JSON Web Keys and key sets, as well as support for hardware security module integration. The library cover

    Java
    Ver en GitHub↗11,085
  • panva/node-oidc-providerAvatar de panva

    panva/node-oidc-provider

    3,756Ver en GitHub↗

    node-oidc-provider is a framework for building OpenID Certified authorization servers and identity providers within Node.js environments. It provides a comprehensive suite of tools for managing the full lifecycle of OAuth 2.0 and OpenID Connect services, including user authentication, client registration, and the issuance and validation of identity and access tokens. The project distinguishes itself through a highly modular architecture that allows developers to integrate authentication services directly into existing web application stacks. It supports advanced customization through a middle

    JavaScriptauthorizationauthorization-serverconnect
    Ver en GitHub↗3,756
  • dexidp/dexAvatar de dexidp

    dexidp/dex

    10,902Ver en GitHub↗

    Dex is an OpenID Connect provider and identity federation proxy that translates authentication signals from various upstream sources into a unified OpenID Connect interface. It functions as a multi-protocol identity broker, enabling client applications to implement a single standard while delegating user verification to external identity providers. The project distinguishes itself through a pluggable connector architecture that bridges disparate protocols including LDAP, SAML, and OAuth2. It provides specific integrations for services such as GitHub, Google, GitLab, and Microsoft, while offer

    Gohacktoberfestidentity-provideridp
    Ver en GitHub↗10,902
  • simov/grantAvatar de simov

    simov/grant

    4,174Ver en GitHub↗

    Grant is an OAuth authentication proxy that interfaces applications with third-party identity providers to manage handshakes and token exchanges through a transparent proxy layer. It provides a secure OAuth client implementation that validates OpenID Connect tokens and manages multi-provider identity under a unified configuration. The project differentiates itself through support for serverless authentication flows, allowing the proxy logic to be deployed as cloud functions. It implements advanced security mechanisms including Proof Key for Code Exchange and private key JWT authentication to

    JavaScriptauthenticationauthorizationaws
    Ver en GitHub↗4,174
  • spring-attic/spring-security-oauthAvatar de spring-attic

    spring-attic/spring-security-oauth

    4,693Ver en GitHub↗

    This project is an OAuth security framework for Java web applications. It provides a set of tools for adding authentication and authorization to Spring applications using standardized delegated authorization protocols. The library implements both OAuth 1.0a and OAuth 2.0 standards. For OAuth 2.0, it includes implementations for both the client side, to request access tokens and consume protected resources, and the provider side, to issue access tokens and manage authorization grants. The framework covers API authorization workflows, securing communication between applications, and managing d

    Java
    Ver en GitHub↗4,693
  • jazzband/djangorestframework-simplejwtAvatar de jazzband

    jazzband/djangorestframework-simplejwt

    4,321Ver en GitHub↗

    This is a JSON Web Token authentication package for the Django REST Framework that manages stateless user identities. It serves as an authentication provider and token manager used to issue and validate signed tokens to maintain user sessions across multiple requests. The project implements a dual-token lifecycle, issuing short-lived access tokens and long-lived refresh tokens to balance security with session persistence. It features token rotation to prevent replay attacks and a blacklisting system to invalidate compromised credentials. Additionally, it supports sliding-window expiration to

    Python
    Ver en GitHub↗4,321
  • dgrijalva/jwt-goAvatar de dgrijalva

    dgrijalva/jwt-go

    10,747Ver en GitHub↗

    jwt-go is a Go library for creating, parsing, and verifying signed JSON Web Tokens. It provides a pluggable signing interface that supports multiple cryptographic algorithms, including HMAC, RSA, ECDSA, and RSA-PSS, allowing tokens to be signed and verified with different security properties. The library is built around a signing-method registry and a token-parsing pipeline that splits a JWT string into its header, payload, and signature segments for validation. It includes typed error classification for common failure modes such as invalid signatures, expired tokens, or malformed input, and

    Go
    Ver en GitHub↗10,747
  • smallstep/cliAvatar de smallstep

    smallstep/cli

    4,255Ver en GitHub↗

    This project is a command-line tool for managing public key infrastructure and digital identities. It provides a comprehensive suite for X.509 certificate lifecycle management, including the generation, signing, renewal, and revocation of certificates and signing requests. The tool distinguishes itself through specialized security capabilities such as binding cryptographic credentials to TPMs and HSMs for hardware-backed identity attestation. It also provides dedicated support for machine identity security, using short-lived SSH certificates and mTLS to secure non-human workloads. Broad capa

    Gocertificatecryptographyencryption
    Ver en GitHub↗4,255
  • jwt/ruby-jwtAvatar de jwt

    jwt/ruby-jwt

    3,684Ver en GitHub↗

    This is a Ruby implementation library for encoding, decoding, and verifying JSON Web Tokens according to the RFC 7519 standard. It provides the primary tools for token signing and encoding, integrity verification, and the extraction of payloads and headers. The project includes a comprehensive JSON Web Key manager for importing, exporting, and resolving key sets. This system facilitates the generation of key thumbprints and the resolution of specific verification keys based on token identifiers. The library covers a wide range of security validation mechanisms, including the verification of

    Ruby
    Ver en GitHub↗3,684
  • mitreid-connect/openid-connect-java-spring-serverAvatar de mitreid-connect

    mitreid-connect/OpenID-Connect-Java-Spring-Server

    1,506Ver en GitHub↗

    This project is an authentication and authorization platform built on the Spring framework that functions as a centralized identity provider and authorization server. It manages user identities and protects resources by implementing standardized protocols to verify credentials and issue secure tokens for web applications. The platform distinguishes itself by providing a comprehensive framework for managing complex authorization flows and identity verification. It supports dynamic client registration to automate the onboarding of third-party applications and utilizes relational database persis

    Java
    Ver en GitHub↗1,506
  • ory/hydraAvatar de ory

    ory/hydra

    17,236Ver en GitHub↗

    Hydra is a headless identity server that functions as a certified OAuth2 and OpenID Connect provider. It is designed as an authentication engine that manages authorization handshakes and token lifecycles while remaining decoupled from the user interface. The project distinguishes itself through a headless architecture, allowing external management of login and consent flows. It provides specialized capabilities for dynamic client registration, JSON Web Token issuance, and a system for rotating encryption secrets without service downtime. The system covers a broad range of identity operations

    Go
    Ver en GitHub↗17,236
  • oauthjs/node-oauth2-serverAvatar de oauthjs

    oauthjs/node-oauth2-server

    4,067Ver en GitHub↗

    node-oauth2-server is an OAuth2 server implementation for Node.js that functions as an authorization provider. It enables the creation of a centralized server to manage client registration and issue access tokens for third-party applications using the OAuth2 protocol. The project operates as Node.js middleware, integrating authorization logic directly into web application request pipelines. It provides a bearer token validator to verify identity and permissions by checking security tokens within incoming HTTP request headers. The system covers API access control, token management, and user a

    JavaScriptoauth2-server
    Ver en GitHub↗4,067
  • authorizerdev/authorizerAvatar de authorizerdev

    authorizerdev/authorizer

    1,968Ver en GitHub↗

    Authorizer is an open-source identity provider that functions as a centralized authentication and authorization platform. It manages user identities and session lifecycles by implementing standard OpenID Connect protocols, allowing for secure verification across web, mobile, and backend applications. The service is designed as a containerized microservice that provides a unified interface for administrative and authentication operations. The platform distinguishes itself through a multi-tenant architecture that isolates authentication rules and user data across different business domains. It

    Go2faauthauthentication
    Ver en GitHub↗1,968
  • gam-team/gamAvatar de GAM-team

    GAM-team/GAM

    4,206Ver en GitHub↗

    GAM is a command-line tool for administering Google Workspace and Cloud Identity. It translates command-line arguments into structured API calls, enabling administrators to manage users, groups, organizational units, and domain settings across a Google Workspace environment. The tool handles authentication through OAuth2 flows, service accounts, and workload identity federation, and supports multi-tenant configurations for managing multiple domains or cloud projects from a single installation. GAM distinguishes itself through its batch processing and automation capabilities. It can process la

    Pythongamgooglegoogle-admin-sdk
    Ver en GitHub↗4,206
  • ibm/mcp-context-forgeAvatar de IBM

    IBM/mcp-context-forge

    3,310Ver en GitHub↗

    mcp-context-forge is a Model Context Protocol federation gateway that unifies diverse AI tool servers and APIs into a single consistent interface for discovery and execution. It acts as a centralized proxy that aggregates multiple servers and APIs, allowing AI agents to access and invoke a unified set of tools, prompts, and resources. The project distinguishes itself through a multi-protocol translation bridge that converts communication between standard I/O, SSE, gRPC, and REST to enable interoperability between disparate tool servers. It includes a comprehensive LLM evaluation framework for

    Pythonagentsaiapi-gateway
    Ver en GitHub↗3,310
  • netlify/gotrueAvatar de netlify

    netlify/gotrue

    4,424Ver en GitHub↗

    GoTrue is a JWT identity provider and user management API. It functions as an OAuth 2.0 compliant server that handles user registration and authentication while issuing signed JSON Web Tokens to control access to protected API resources. The service integrates external identity providers to allow users to sign in using third-party accounts. It also includes an SMTP notification service for delivering password resets, signup confirmations, and account recovery emails. The system covers broader capabilities for user account management, including the ability to update user profiles and manage c

    Goauthenticationjwtproduction
    Ver en GitHub↗4,424
  • opencloud-eu/opencloudAvatar de opencloud-eu

    opencloud-eu/opencloud

    4,829Ver en GitHub↗

    OpenCloud is a self-hosted platform for synchronizing files across devices and sharing them with team members through collaborative spaces and access controls. It enables users to sync files between a server and local desktop and mobile clients, manage files and folders, and share content with internal and external contributors via permission-based links and file drops. The platform integrates an embedded OpenID Connect identity provider for authentication and supports external identity providers. It stores all data and metadata directly on the filesystem, eliminating the need for a separate

    Go
    Ver en GitHub↗4,829
  • jpadilla/pyjwtAvatar de jpadilla

    jpadilla/pyjwt

    5,598Ver en GitHub↗

    PyJWT is a Python library for encoding, decoding, and verifying JSON Web Tokens (JWTs). It provides comprehensive JWT functionality including algorithm-agnostic signing and verification, supporting both symmetric HMAC shared-secret cryptography and asymmetric RSA/ECDSA public-key cryptography for flexible trust models. The library implements a claim-based validation pipeline that checks issuer, audience, expiration, and other time-based claims during token decoding, with configurable clock skew tolerance for distributed systems. It requires callers to explicitly specify allowed signing algori

    Pythonhacktoberfestjwtpython
    Ver en GitHub↗5,598
  • auth0/java-jwtAvatar de auth0

    auth0/java-jwt

    6,227Ver en GitHub↗

    This is a Java library for creating and verifying JSON Web Tokens (JWTs), supporting multiple cryptographic signing algorithms including HMAC, RSA, and ECDSA. The library provides a builder pattern for constructing tokens with custom claims and algorithm selection, and offers separate verification methods that check signatures and validate standard claims such as expiration, issuer, and audience. The library abstracts cryptographic algorithms behind a common interface, allowing pluggable signing and verification without coupling token creation to a specific algorithm. Tokens are represented a

    Javadx-sdkjavajwt
    Ver en GitHub↗6,227
  • spring-projects/spring-authorization-serverAvatar de spring-projects

    spring-projects/spring-authorization-server

    5,102Ver en GitHub↗

    Spring Authorization Server is an OAuth 2.1 and OpenID Connect 1.0 authorization server built on Spring Security. It implements the full protocol surface for issuing access and refresh tokens, including authorization code, client credentials, device code, and token exchange grants, as well as pushed authorization requests and user consent management. The server also functions as an OpenID Connect provider, supporting ID tokens, userinfo, discovery, logout, and dynamic client registration. The project distinguishes itself through an extensible framework that allows custom grant types, pluggabl

    Java
    Ver en GitHub↗5,102
  • praw-dev/prawAvatar de praw-dev

    praw-dev/praw

    4,168Ver en GitHub↗

    PRAW is a Python wrapper for the Reddit API, functioning as a REST API client and social media data crawler. It provides a programmatic interface to fetch data, manage account content, and interact with the platform. The library implements a comprehensive OAuth 2.0 client supporting multiple authorization flows, including password, implicit, and refresh tokens, as well as read-only guest access. It distinguishes itself through a rate-limit-aware request scheduler that tracks server-side throttling to prevent API quota exhaustion and employs lazy-loading resource objects to fetch data only whe

    Pythonapioauthpraw
    Ver en GitHub↗4,168
  • tymondesigns/jwt-authAvatar de tymondesigns

    tymondesigns/jwt-auth

    11,484Ver en GitHub↗

    jwt-auth is a PHP package providing JSON Web Token authentication for Laravel and Lumen applications. It serves as a token provider and stateless session manager, allowing applications to issue and validate signed tokens to manage user identity across network requests. The library implements stateless API security by verifying identity tokens sent in request headers, removing the requirement to store session data on the server. It uses signed tokens to verify user credentials and restrict access to protected resources. The project provides capabilities for user access control, authentication

    PHP
    Ver en GitHub↗11,484
  • supertokens/supertokens-coreAvatar de supertokens

    supertokens/supertokens-core

    14,922Ver en GitHub↗

    SuperTokens Core is an open-source, self-hosted authentication and identity management platform designed for deployment within private infrastructure. It provides a comprehensive suite for managing user accounts, roles, and secure authentication flows, utilizing a modular, recipe-based architecture that allows developers to enable specific security features without modifying the core codebase. The platform distinguishes itself through its robust multi-tenancy capabilities, which allow for the logical or physical isolation of user records and configuration settings across different organizatio

    Javaauth0authenticationaws-cognito
    Ver en GitHub↗14,922
  • lucia-auth/luciaAvatar de lucia-auth

    lucia-auth/lucia

    10,461Ver en GitHub↗

    Lucia is an authentication library that provides session management, OAuth integration, and password-based login for web applications. It creates and validates server-side sessions using cryptographically random tokens stored in HttpOnly, Secure, SameSite=Lax cookies, with constant-time token comparison to prevent timing side-channel attacks. The library supports authentication through email and password, GitHub OAuth, Google OAuth, and passkey-based sign-in. It enforces two-factor authentication using time-based one-time passwords (TOTP) from authenticator apps, generates recovery codes for

    authoauthtypescript
    Ver en GitHub↗10,461
  • auth0/node-jsonwebtokenAvatar de auth0

    auth0/node-jsonwebtoken

    18,171Ver en GitHub↗

    This project is a Node.js library for implementing and managing JSON Web Tokens. It functions as a cryptographic token manager and authentication tool used to sign, verify, and decode tokens to securely transmit claims between parties. The library supports both symmetric and asymmetric signing algorithms, including HMAC and RSA. It enables the creation of digitally signed tokens using secrets or private keys, and provides mechanisms to validate token signatures and verify embedded claims such as expiration and issuer. The tool covers a range of identity and access capabilities, including sta

    JavaScript
    Ver en GitHub↗18,171