# goauthentik/authentik **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/goauthentik-authentik).** 22,035 stars · 1,659 forks · Python · NOASSERTION ## Links - GitHub: https://github.com/goauthentik/authentik - Homepage: https://goauthentik.io - awesome-repositories: https://awesome-repositories.com/repository/goauthentik-authentik.md ## Topics `authentication` `authentik` `authorization` `kubernetes` `oauth2` `oauth2-client` `oauth2-server` `oidc` `oidc-client` `oidc-provider` `proxy` `reverse-proxy` `saml` `saml-idp` `saml-sp` `security` `sso` ## Description Authentik is a centralized identity and access management platform designed to serve as a unified authentication authority. It enables enterprise single sign-on across diverse applications and services, providing a cloud-native identity provider that manages user sessions and security protocols from a single location. The platform distinguishes itself through a policy-driven flow engine and a visual orchestration interface. This allows administrators to design complex, custom authentication workflows by chaining modular verification stages and conditional logic. These workflows can be further refined with granular access policies that evaluate user attributes and environmental conditions, ensuring that security requirements are met through flexible, logic-based rules rather than static configurations. Beyond core authentication, the system supports infrastructure-wide automation through declarative blueprints and container-based deployment models. It includes comprehensive tools for user account management, background task scheduling, and system monitoring, all accessible via a centralized administrative dashboard. The platform is designed for high availability and scalability, allowing for integration with external databases and various cloud-native environments. The software is distributed as a containerized service, with installation supported through standard package managers and configuration templates. ## Tags ### Security & Cryptography - [Identity and Access Management](https://awesome-repositories.com/f/security-cryptography/identity-access-management.md) — Centralizes authentication and authorization across applications to ensure consistent identity verification. ([source](https://docs.goauthentik.io/)) - [Identity and Access Management Servers](https://awesome-repositories.com/f/security-cryptography/identity-and-access-management-servers.md) — Serves as a centralized platform for managing user identities, authentication protocols, and access policies across enterprise applications. - [Identity Providers](https://awesome-repositories.com/f/security-cryptography/identity-providers.md) — Acts as a centralized service providing unified authentication and session management for modern cloud-native infrastructure. - [Single Sign-On](https://awesome-repositories.com/f/security-cryptography/single-sign-on.md) — Enables centralized user access to multiple services using a single set of credentials. - [Authentication Flows](https://awesome-repositories.com/f/security-cryptography/authentication-flows.md) — Creates custom login processes by chaining verification stages into visual workflows that control user interaction. ([source](https://docs.goauthentik.io/)) - [Authentication Workflows](https://awesome-repositories.com/f/security-cryptography/authentication-workflows.md) — Facilitates the design of complex login and registration sequences by chaining verification stages. - [Visual Orchestrators](https://awesome-repositories.com/f/security-cryptography/authentication-workflows/visual-orchestrators.md) — Provides a visual engine to chain verification stages and conditional logic into custom user authentication and enrollment processes. - [Policy-Based Access Control](https://awesome-repositories.com/f/security-cryptography/policy-based-access-control.md) — Defines granular logic rules based on user attributes and environmental conditions to control resource access. - [Access Control Engines](https://awesome-repositories.com/f/security-cryptography/access-control-engines.md) — Enforces granular security rules by evaluating user eligibility and environmental conditions against protected digital resources. - [Authentication Security Policies](https://awesome-repositories.com/f/security-cryptography/authentication-security-policies.md) — Enables the definition of custom logic rules to evaluate and enforce authentication behavior. ([source](https://docs.goauthentik.io/customize/)) - [Policy Enforcement Engines](https://awesome-repositories.com/f/security-cryptography/policy-enforcement-engines.md) — Executes authentication logic by chaining modular verification stages into dynamic workflows evaluated against defined access rules. - [User Account Management](https://awesome-repositories.com/f/security-cryptography/user-account-management.md) — Provides tools for creating, modifying, and deactivating user profiles and managing account recovery settings. ([source](https://docs.goauthentik.io/users-sources/user/)) - [User Invitation Systems](https://awesome-repositories.com/f/security-cryptography/user-invitation-systems.md) — Generates secure invitation links to manage user onboarding and registration processes. ([source](https://docs.goauthentik.io/users-sources/user/)) - [Authorization Flows](https://awesome-repositories.com/f/security-cryptography/identity-access-management/access-control/policy-enforcement-engines/authorization-flows.md) — Enforces access policies on authentication workflows to validate user or group eligibility before execution. ([source](https://docs.goauthentik.io/add-secure-apps/flows-stages/flow/)) - [User Access Management](https://awesome-repositories.com/f/security-cryptography/user-access-management.md) — Tracks system status and manages user accounts through a centralized dashboard providing visual insights into authentication events. ([source](https://docs.goauthentik.io/)) - [Credential Security](https://awesome-repositories.com/f/security-cryptography/identity-access-management/credential-lifecycle-management/credential-security.md) — Generates and stores database and application access keys in protected files to initialize secure deployments. ([source](https://docs.goauthentik.io/install-config/install/docker-compose/)) ### DevOps & Infrastructure - [Containerized Service Deployment](https://awesome-repositories.com/f/devops-infrastructure/containerized-service-deployment.md) — Establishes core security infrastructure by deploying identity and access management services within containerized environments. ([source](https://docs.goauthentik.io/install-config/)) - [Container Orchestration Environments](https://awesome-repositories.com/f/devops-infrastructure/container-orchestration-environments.md) — Deploys modular components as isolated containerized units to ensure consistent execution across diverse infrastructure environments. - [Deployment Automation](https://awesome-repositories.com/f/devops-infrastructure/deployment-management-strategies/automation-and-tooling/deployment-automation.md) — Automates the lifecycle management of security services using container orchestration and configuration templates. - [Helm Chart Management](https://awesome-repositories.com/f/devops-infrastructure/helm-chart-management.md) — Deploys services into container clusters using package manager charts that automate database migrations during startup. ([source](https://docs.goauthentik.io/install-config/install/kubernetes/)) - [High Availability Systems](https://awesome-repositories.com/f/devops-infrastructure/high-availability-systems.md) — Designs redundant system architectures to minimize downtime and maintain continuous service availability. ([source](https://docs.goauthentik.io/install-config/)) - [Automation Blueprints](https://awesome-repositories.com/f/devops-infrastructure/automation-orchestration/task-execution-frameworks/automation-frameworks/config-templating/configuration-template-management/automation-blueprints.md) — Automates authentication resource deployment using importable and exportable configuration blueprints. ([source](https://docs.goauthentik.io/customize/)) ### Software Engineering & Architecture - [Asynchronous Task Queues](https://awesome-repositories.com/f/software-engineering-architecture/asynchronous-task-queues.md) — Offloads long-running background operations to a decoupled worker model for improved system maintenance and execution tracking. - [Environment Variables](https://awesome-repositories.com/f/software-engineering-architecture/application-lifecycle-management/configuration-management/environment-variable-management/environment-variables.md) — Controls application behavior and integration settings using environment variables for specific deployment contexts. ([source](https://docs.goauthentik.io/install-config/)) - [Declarative Configuration Systems](https://awesome-repositories.com/f/software-engineering-architecture/declarative-configuration-systems.md) — Uses structured data files to define and replicate complex system setups and resource configurations declaratively. ### Part of an Awesome List - [Identity and Access Providers](https://awesome-repositories.com/f/awesome-lists/devtools/identity-and-access-providers.md) — Open-source identity provider for centralized authentication. - [Authentication Services](https://awesome-repositories.com/f/awesome-lists/security/authentication-services.md) — Flexible authentication and identity management provider. - [Identity Management](https://awesome-repositories.com/f/awesome-lists/security/identity-management.md) — Flexible identity provider supporting multiple authentication protocols. ### System Administration & Monitoring - [Background Task Scheduling](https://awesome-repositories.com/f/system-administration-monitoring/background-task-scheduling.md) — Automates recurring operations using cron syntax and supports manual task triggering. ([source](https://docs.goauthentik.io/background-tasks/)) - [Task Monitoring](https://awesome-repositories.com/f/system-administration-monitoring/task-monitoring.md) — Tracks the lifecycle and status of background tasks to identify performance bottlenecks and errors. ([source](https://docs.goauthentik.io/background-tasks/)) - [Background Task Managers](https://awesome-repositories.com/f/system-administration-monitoring/administrative-operations/background-task-managers.md) — Offers a centralized interface to monitor and control background operations and execution intervals. ([source](https://docs.goauthentik.io/background-tasks/)) - [Task Management](https://awesome-repositories.com/f/system-administration-monitoring/task-management.md) — Supports investigation of failed tasks through logs and manual requeueing capabilities. ([source](https://docs.goauthentik.io/background-tasks/)) ### Data & Databases - [External Datastore Configurations](https://awesome-repositories.com/f/data-databases/external-datastore-configurations.md) — Links production-grade external database instances to ensure data persistence and scalability for high-traffic environments. ([source](https://docs.goauthentik.io/install-config/install/kubernetes/)) - [Relational Database Persistence](https://awesome-repositories.com/f/data-databases/relational-database-persistence.md) — Stores user identities, configuration states, and audit logs in external relational databases to ensure data integrity. ### User Interface & Experience - [Interface Customization](https://awesome-repositories.com/f/user-interface-experience/interface-customization.md) — Provides tools to modify user-facing web interfaces to meet specific organizational requirements. ([source](https://docs.goauthentik.io/customize/))