30 open-source projects similar to stack-auth/stack-auth, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Stack Auth alternative.
Hanko is an open-source identity provider and customer identity and access management system. It serves as a passkey authentication service and an OAuth and SAML SSO gateway, allowing applications to authenticate users and issue tokens via standard identity protocols. The project distinguishes itself through a strong focus on passwordless access using WebAuthn-based passkeys and email-based passcodes. It provides framework-agnostic authentication interfaces as customizable web components that can be embedded directly into web applications to handle login, registration, and profile management.
SuperTokens Core is an open-source, self-hosted authentication and identity management platform designed for deployment within private infrastructure. It provides a comprehensive suite for managing user accounts, roles, and secure authentication flows, utilizing a modular, recipe-based architecture that allows developers to enable specific security features without modifying the core codebase. The platform distinguishes itself through its robust multi-tenancy capabilities, which allow for the logical or physical isolation of user records and configuration settings across different organizatio
Subfinder is a security reconnaissance framework designed for subdomain enumeration and attack surface management. It functions as a discovery engine that identifies and maps internet-exposed infrastructure, cloud-hosted assets, and network ranges to maintain a comprehensive inventory of an organization's digital footprint. The project distinguishes itself through a modular, template-driven scanning engine that executes security checks against discovered assets. It leverages cloud-native asset discovery to query provider APIs and infrastructure metadata, while supporting distributed agent orc
Fingerprint is a visitor identification and fraud detection platform that generates persistent, unique identifiers by analyzing browser and device attributes. By extracting technical signals from the client environment, it enables reliable user tracking across sessions without relying on traditional cookies. The platform distinguishes itself through its focus on high-accuracy identification and security-first architecture. It employs edge-side proxying to bypass ad-blockers and privacy restrictions, ensuring consistent data collection. To maintain data integrity, it uses cryptographic payload
Kaneo is an open-source project management platform built around a kanban board interface for organizing tasks into columns with drag-and-drop status management. It functions as a self-hosted task manager that supports multiple workspaces, organizations, and role-based access control, with all persistent data stored in a PostgreSQL relational database and exposed through a RESTful JSON API. The platform distinguishes itself through deep external integration capabilities, connecting project workflows to GitHub, Gitea, Slack, Discord, and Telegram with automated event-driven actions. A webhook
Jetstream is an application scaffold for Laravel that provides a pre-built identity system and team collaboration framework. It serves as a starter kit that integrates user authentication, profile management, and organizational tools into a unified project structure. The project is distinguished by its comprehensive team management capabilities, which include shared workspace organization, member invitation workflows, and role-based access control. It also features an integrated API token manager for issuing and controlling secure access tokens for external clients. The platform covers a bro
RubyGems is a package manager for the Ruby language, serving as a tool for packaging, distributing, and installing libraries and software extensions. It functions as a dependency resolver and registry client, managing the installation of required libraries and their recursive dependencies to ensure consistent environments across development and production. The system handles the complete package lifecycle, including the building of distributable archives, the compilation of native C extensions for high-performance system integration, and the publishing of stable or prerelease versions to regi
Devpush is a self-hosted Git-based PaaS that automates the deployment of containerized applications. It maps each Git branch to an isolated Docker environment, creating a multi-environment runtime where staging, production, and other workflows run in parallel with scoped configuration and encrypted variables. Deployments are triggered automatically by Git push events via a configured GitHub App, managing the full lifecycle from build to release with zero-downtime rollouts and instant rollback. The platform includes a built-in Let's Encrypt SSL manager that automatically provisions and renews
This package provides a framework for receiving, verifying, and processing incoming webhooks within Laravel applications. It acts as a consumer for event streams, utilizing middleware to intercept HTTP requests, validate their authenticity through cryptographic signature verification, and route payloads to dedicated background jobs. The system distinguishes itself by offering granular control over multiple external service integrations, allowing developers to define unique configurations and endpoints for each provider. It ensures reliable operations by persisting raw request headers and payl
This project is an AI model API gateway and proxy server designed to provide a unified interface for interacting with diverse artificial intelligence service providers. It functions as a centralized middleware platform that routes, load balances, and translates API requests across multiple models, enabling developers to access text, image, audio, and video generation capabilities through a single, standardized integration. The gateway distinguishes itself through comprehensive administrative and financial controls, including event-driven usage accounting, real-time token consumption tracking,
InsForge is a backend-as-a-service platform that provides an integrated suite of tools for managing relational databases, identity provision, object storage, and serverless compute. It functions as an open-source identity provider and a PostgreSQL database manager featuring integrated vector storage and row-level security. The platform serves as an LLM orchestration gateway, offering a unified endpoint to route requests across various AI providers through an OpenAI-compatible interface. It enables AI-driven application generation and connects AI agents to backend resources using a standardize
Formbricks is an open-source survey and feedback platform designed to help teams capture and analyze user insights through targeted, in-app, and website-based interactions. It functions as a comprehensive customer experience analytics system that allows organizations to maintain full control over their data, user attributes, and survey workflows. The platform distinguishes itself through its event-driven architecture, which enables precise behavioral targeting by triggering surveys based on specific user actions or application events. It supports deep integration with external ecosystems by a
Vendure is a Node.js e-commerce engine and headless commerce framework built with NestJS and TypeScript. It serves as a multi-channel commerce platform that manages product catalogs, orders, and customers via a strongly typed GraphQL API. The platform is distinguished by its highly extensible architecture, featuring a customizable administrative dashboard where developers can inject custom React components and entity views. It supports multi-channel commerce, allowing the isolation of products, currencies, and regional catalogs from a single unified backend. The engine covers a broad range o
Stack is an open-source identity provider that manages user authentication, passkeys, and OAuth tokens. It provides an identity infrastructure that handles user data storage and authentication flows via a centralized administrative dashboard. The platform differentiates itself by integrating a multi-tenant user management system that organizes users into team workspaces through invitation flows. It includes a secure secret vault for storing encrypted API keys and user tokens using encryption keys that remain hidden from the service provider. The system covers a broad range of administrative
firebaseui-web is a library of pre-built web interface components for managing sign-in and identity flows using the Firebase SDK. It provides a customizable suite of themed and localized UI elements for user registration, password recovery, and account onboarding. The library supports a wide range of authentication methods, including traditional email and password, passwordless email sign-in, and phone-based verification with reCAPTCHA handling. It integrates third-party identity providers through OAuth, OIDC, and SAML standards, offering both popup and redirect strategies along with Google O
Polar is a digital product monetization engine and subscription management system. It serves as a merchant of record platform that handles global sales tax and VAT compliance, providing the infrastructure for selling subscriptions and one-time digital goods via hosted checkouts and embedded payment flows. The project functions as an entitlement and access manager, automating the granting and restriction of digital benefits, license keys, and third-party platform roles. It includes a dedicated usage-based billing infrastructure that tracks customer activity through meters to apply aggregation
Fonoster is a conversational AI framework and multi-tenant communications platform as a service. It serves as a programmable voice gateway and SIP telephony platform, enabling the creation of voice-based assistants and automated communication workflows using large language models. The project distinguishes itself through a vendor-agnostic speech integration engine that abstracts speech-to-text and text-to-speech providers. It features a multi-tenant architecture that isolates telephony resources and user identities into distinct organizational workspaces. The system covers a broad range of t
Unkey is an API key management platform and gateway control plane designed for issuing, verifying, and revoking secure keys with global distribution. It provides the infrastructure necessary to authenticate requests and authorize access to protected resources with low latency. The platform distinguishes itself through edge-based request authentication and distributed rate limiting, which allow for the verification of keys and enforcement of request quotas at the network edge. It also features a usage-based billing engine and a self-service developer portal, enabling the tracking of metered AP
This project is a comprehensive zero-knowledge security suite designed for enterprise credential management, secrets orchestration, and password management. It provides a secure, end-to-end encrypted vault that allows users to store, synchronize, and manage sensitive information, including passwords, passkeys, and infrastructure secrets, across desktop, mobile, and browser environments. The platform distinguishes itself through a strict zero-knowledge architecture where all encryption and decryption occur locally on the client, ensuring that plaintext data remains inaccessible to the server.
Kill Bill is a subscription billing platform and usage-based billing engine designed to manage recurring invoicing and automated payment collection. It functions as a multi-tenant billing infrastructure, providing isolated environments for different organizational entities through a dedicated API. The system is distinguished by a plugin-based extension framework that allows for the integration of third-party payment gateways and custom business logic. It includes a payment gateway orchestrator to handle transactions and refunds, as well as a revenue recognition system to allocate contract rev
This project is a social blogging application built with Flask. It provides a platform for user account management, following relationships, and chronological post streams, supported by a PostgreSQL relational database. The application features a multilingual web interface with localized content and date formatting. It is designed as a dockerized web application, utilizing containerization for consistent deployment across different environments. The system integrates a variety of core capabilities, including full-text search with provider abstraction, an asynchronous task worker for backgrou
This project is a feature-rich Go client library designed for interacting with Redis. It serves as a comprehensive interface for managing remote data stores, enabling developers to execute standard database commands, handle complex data structures, and perform asynchronous operations within Go applications. The library distinguishes itself through its support for advanced Redis capabilities, including connection pooling, pipelining, and transactional integrity. It provides specialized primitives for managing distributed clusters, including automated topology updates and request routing to sha
CVAT is an open-source, web-based platform designed for annotating images, videos, and 3D point clouds to create high-quality training datasets for machine learning. It functions as a containerized server that orchestrates the entire lifecycle of computer vision data, from initial task creation and manual labeling to quality assurance and final dataset export. The platform distinguishes itself through deep integration with machine learning models, allowing users to deploy custom AI models as serverless functions for automated object detection, tracking, and skeleton annotation. It supports co
This project is a human resources management system built using Spring Boot and Vue. It serves as a platform for managing employee records, professional titles, and organizational hierarchies. The system features a role-based access control framework that maps users to specific roles and resources to secure API endpoints and user interface elements. It includes a real-time communication hub utilizing WebSockets for internal corporate chat and system notifications, as well as a dedicated manager for defining and modifying nested organizational department structures. Additional capabilities co
Hatchet is an open-source durable workflow engine and task orchestration platform. It provides a framework for building and executing fault-tolerant, multi-step pipelines as directed acyclic graphs (DAGs), with automatic retries, scheduling, and real-time observability. The system is built around durable task checkpointing, which persists execution state after each step so work can resume from the last checkpoint after a worker crash or restart, and it supports event-driven task resumption that pauses a task until a matching external event arrives. The platform distinguishes itself through it
Liveblocks is a realtime collaboration infrastructure platform that synchronizes application state, documents, and user presence across multiple participants using conflict-free replicated data types. It provides a managed backend for collaborative text editors, threaded commenting and annotation systems, in-app notifications, and AI copilot deployment, all built on a WebSocket transport layer with server-side room management APIs. The platform distinguishes itself through a headless component primitive system that exposes unstyled React hooks and composable building blocks, allowing develope
supabase-js is a comprehensive client library designed to integrate frontend applications with a hosted backend-as-a-service. It provides a unified interface for interacting with a PostgreSQL database, identity management systems, cloud object storage, and real-time data synchronization. The library features an isomorphic client design that operates across both browser and server environments. It distinguishes itself through a type-safe approach, utilizing TypeScript to map database schemas directly to client-side definitions, and employs a PostgREST-based API to translate JavaScript calls in
Vercel is a cloud platform for building, deploying, and scaling web applications. It provides a unified infrastructure that automates the build process by detecting project frameworks and distributing static and dynamic content through a global content delivery network. The platform executes application logic using serverless functions that scale automatically based on real-time traffic demand. The platform distinguishes itself through a centralized AI gateway that proxies requests to multiple model providers, enabling standardized authentication, observability, and cost tracking. It supports
Romm is a self-hosted game library manager and ROM management web interface. It serves as a central server for storing and categorizing game files and emulator firmware, providing a web-based browser to organize collections through automated library scanning and metadata retrieval. The project distinguishes itself by integrating a web-based emulator frontend that uses WebAssembly to play games directly in the browser. It further provides a game save synchronization server that uses SSH-based synchronization to transfer save states and progress between the server and registered handheld device
Temporal is a distributed workflow orchestration engine designed to manage fault-tolerant, stateful, and long-running background processes. It functions as a platform for coordinating complex cross-service operations, ensuring consistency and reliability in distributed environments by decoupling workflow orchestration from task execution. The platform distinguishes itself through a deterministic, event-sourced execution model that reconstructs workflow state by re-executing code from an immutable event log. This approach isolates non-deterministic side effects into managed activities, allowin