28 dépôts
Support for machine-to-machine authentication using client identifiers and secrets.
Distinguishing note: Specifically targets client credentials flow, distinct from user-interactive OAuth.
Explore 28 awesome GitHub repositories matching security & cryptography · Client Credentials. Refine with filters or upvote what's useful.
Bruno is a local-first API client designed for building, testing, and managing network requests across a wide range of protocols. By storing all collections and configurations as plain-text files directly on the local filesystem, it enables native version control and offline access, ensuring that project data remains under user control without requiring cloud synchronization. The platform distinguishes itself through a declarative approach to API management, utilizing a domain-specific language to define request parameters and metadata. This architecture supports a robust testing environment
Allows specifying token endpoints and client identifiers to set up OAuth 2.0 client credentials authentication.
Chatbox is a desktop client and multi-provider chat interface for interacting with large language model APIs across various service providers and local installations. It functions as a local-first AI conversation manager that stores chat history and user settings directly on the device. The application provides a unified interface to connect multiple AI backends for text generation and image creation. It includes a specialized rendering system for AI responses that supports technical documentation through syntax highlighting, Markdown, and Latex mathematical notation. The platform manages pr
Provides secure local storage and injection of API keys for interacting with various AI providers.
Open-Higgsfield-AI is a generative AI content studio and visual workflow orchestrator. It provides a unified interface for creating photorealistic images and videos, utilizing a node-based editor to chain multiple image, video, and audio models into automated content pipelines. The system functions as an AI video animation tool and local GPU inference engine, allowing users to run generative models on local hardware or remote servers. It includes specialized capabilities for audio-driven lip synchronization and cinematic camera controls to adjust virtual lens and focal settings. The platform
Provides secure client-side storage for API authentication keys to ensure they are transmitted only to the required service provider.
NATS Server is a high-performance, lightweight messaging system designed for cloud-native applications, edge computing, and distributed microservices. It functions as a distributed publish-subscribe broker that routes messages using hierarchical, dot-separated subject strings, enabling decoupled communication between services without requiring centralized broker lookups. The system supports core messaging patterns including asynchronous publish-subscribe, request-reply, and load-balanced queue processing. The platform distinguishes itself through a decentralized architecture that eliminates t
Validates incoming connections against a defined list of usernames and passwords to ensure authorized access.
Casdoor is a centralized identity and access management platform that functions as an OAuth 2.0 authorization server. It provides a comprehensive suite of services for managing user identities, authentication sessions, and access policies across both web and machine-to-machine applications. Built with a decoupled frontend-backend architecture in Go, the platform supports high-concurrency environments and offers a web-based management interface for administrative tasks. The platform distinguishes itself through its extensive support for federated identity management, allowing integration with
Exchanges client credentials for access tokens to support machine-to-machine authentication.
Nanobrowser is an AI browser automation tool and Chrome extension that uses large language models to execute complex, multi-step web workflows through a natural language interface. It functions as a multi-agent workflow orchestrator, coordinating specialized AI agents to plan strategies and interact with page elements to complete tasks. The system emphasizes local-first operations, acting as a local API manager that stores provider credentials and executes data processing within the browser to keep sensitive information and keys out of external servers. It utilizes a provider-agnostic API bri
Securely stores API authentication keys on the client side to avoid third-party server transmission.
This project is a cloud-native identity and access management platform designed to centralize authentication, authorization, and identity lifecycle management. It functions as a standards-compliant OpenID Connect authorization server, providing secure session management and token issuance for web, mobile, and device-based applications. The platform is built to handle complex identity requirements through stateless token authentication and support for modern passwordless methods, including biometrics and hardware keys. What distinguishes this platform is its native support for multi-tenant env
Verifies service accounts using client identifiers and secrets for non-signing authentication scenarios.
This project provides a TypeScript software development kit for the Model Context Protocol, a standard designed to facilitate bidirectional communication between AI applications and external data sources or tools. It serves as a foundational framework for building both clients and servers, enabling language models to interact with external systems through a unified, decoupled interface. The SDK distinguishes itself by implementing a transport-agnostic connection layer that supports both local standard input-output streams and remote HTTP endpoints. It utilizes a JSON-RPC message bus to manage
Supports automated machine-to-machine authentication using client credentials.
Mosquitto is a message broker that implements the MQTT protocol to route messages between connected devices and applications. It functions as a central hub for event-driven communication, supporting message exchange over both raw TCP and WebSockets. The software provides a persistent messaging infrastructure by writing message queues and client subscription states to disk, ensuring data recovery following service interruptions. The broker distinguishes itself through its support for distributed system synchronization, allowing for the federation of multiple remote brokers to share data across
Allows administrators to create, enable, disable, or remove user accounts while the messaging service remains operational.
This project is an AI-powered IDE extension and LLM coding assistant that provides a conversational interface for generating, refactoring, and debugging code. It functions as an AI agent framework and a Model Context Protocol client, connecting AI models to external data sources and tools to automate complex development tasks. The system is distinguished by its use of autonomous AI agents capable of multi-step task execution, including the ability to read files, modify code, and run terminal commands iteratively. It supports recursive agent orchestration through subagent delegation and employ
Securely manages and integrates personal API keys for third-party or self-hosted AI providers.
Oumi is a comprehensive large language model development platform designed for synthesizing data, fine-tuning models, and running performance evaluations. It serves as a unified environment for the entire model lifecycle, encompassing a training and fine-tuning suite, an evaluation framework, and tools for synthetic data generation and model distillation. The platform is distinguished by its iterative, failure-driven synthesis approach, which analyzes model weaknesses during evaluation to generate targeted training data. It utilizes an LLM-based judge framework to programmatically score respo
Provides tools for managing payment configurations and API authentication credentials to secure service access.
G0DM0D3 is a static web client and multi-model chat gateway designed for AI research, prompt optimization, and red teaming. It provides a unified interface to query numerous AI models in parallel, allowing for the simultaneous evaluation of different prompt variations and sampling parameters to identify the most successful outputs. The project features specialized tooling for probing safety filters and bypassing model constraints through an input perturbation engine that applies text obfuscation and character substitution. It includes a composite scoring system to rank model performance and a
Stores sensitive API credentials within the browser to prevent keys from being transmitted to centralized servers.
BAML is a prompt engineering framework and LLM client generator that defines AI prompts as type-safe functions. It serves as a structured data extraction tool and workflow orchestrator, transforming unstructured model responses into strongly typed objects using a custom schema language and alignment algorithms. The project distinguishes itself by using a compiler to generate language-specific boilerplate code for API communication and output parsing. It features a dedicated environment for designing complex prompt templates with conditional logic and reusable snippets, and employs genetic alg
Passes authentication credentials dynamically during specific calls to support per-user API key management.
Mycroft Core est une plateforme d'assistant vocal open source qui traite les commandes vocales et exécute des compétences modulaires pour des tâches comme la domotique et la recherche d'informations. Il est construit autour d'un framework d'appareil couplé au cloud, où un appareil d'assistant vocal se lie à un compte cloud via un code de couplage vocal pour synchroniser les clés API et les compétences. La plateforme fonctionne via un pipeline d'analyse d'intention qui traite la reconnaissance vocale, l'extraction d'intention et la correspondance de compétences, le tout coordonné par une architecture de bus de messages qui découple le traitement vocal, l'exécution des compétences et la sortie audio. Un moteur de mot d'éveil permet la capture de commandes en écoute permanente, tandis que la synthèse vocale convertit les réponses en parole audible en utilisant des moteurs vocaux configurables. La configuration est gérée via un système multicouche qui charge et fusionne les paramètres à partir de plusieurs fichiers dans un ordre de priorité défini, permettant aux personnalisations de l'utilisateur de remplacer les valeurs par défaut. Les utilisateurs peuvent remplacer les identifiants des services cloud par défaut par des clés API personnalisées pour une opération indépendante, et les compétences sont chargées en tant que plugins indépendants qui enregistrent les intentions et les gestionnaires sans nécessiter de modifications du noyau.
Allows users to replace default cloud service credentials with custom API keys in configuration files.
Spotify Player is a terminal-based client for streaming and controlling Spotify music directly from the command line. It combines a text-based user interface with a background daemon mode, allowing users to browse their Spotify library, manage playlists, and control playback entirely through keyboard shortcuts. The application integrates with Spotify's Web API and Connect protocol, enabling remote playback control across devices while streaming audio locally without the official client. The player distinguishes itself through its plugin-based command system, which lets users define custom she
Reads the Spotify client ID from a shell command instead of storing it in plain text.
Trail of Bits stores long-term API keys for third-party services in plaintext on the local filesystem with world-readable permissions.
Keyhacks is a command-line tool that tests whether API keys and tokens for dozens of cloud services are valid and active. It automates the verification of discovered credentials during security auditing and penetration testing, confirming if leaked or harvested API keys, tokens, and secrets are still operational. The tool validates credentials by sending lightweight, service-specific HTTP requests to each platform's API endpoint and inspecting the response status or body. Each validation runs independently without storing state between requests, using pre-defined request templates with the co
Tests a GitHub client ID and client secret by making an authenticated API request.
recon-ng is an open source intelligence reconnaissance framework designed to automate the collection and aggregation of public information. It is a modular intelligence tool that utilizes a system of pluggable modules to harvest target data, resolve DNS queries, and parse web content. The framework is built as an API-driven tool with a programmatic interface to integrate with other security workflows. It is provided as a containerized application, using Docker to ensure a consistent environment for running reconnaissance tasks and managing a persistent data store. Its capabilities cover exte
Securely manages authentication tokens required to access data from third-party intelligence services.
The Snyk CLI is a command-line security scanner that detects known vulnerabilities across open-source dependencies, proprietary application code, container images, and infrastructure-as-code configuration files. It also serves as a platform management tool, allowing users to configure organizations, users, SSO, and reporting from the terminal rather than the web dashboard. The CLI integrates directly into development workflows, enabling scanning within IDEs, build pipelines, and version control systems. It implements static analysis with interfile data flow analysis to find complex security f
Uses OAuth2 client credentials to generate short-lived tokens for automated service accounts.
React Email Editor is a drag-and-drop visual builder for creating responsive email templates, built as a React embeddable component. It also serves as an AI-powered email designer, a collaborative email design tool, and a React component library for composing emails programmatically with JSX. The editor represents designs as structured JSON and supports multi-format rendering for email clients, web pages, and PDF. What distinguishes this editor is its deep AI integration: users can generate full email templates from natural language, rewrite text with chosen intent, produce multiple text vari
Allows users to override the default API key with a custom one for authenticating AI features.