Tinyauth is an authentication middleware service and identity provider that verifies user identities to grant system access. It operates as a standalone server or as an authentication gateway, utilizing a reverse proxy model to intercept requests and validate credentials before traffic reaches protected backend services.
The project functions as an OpenID Connect provider for single sign-on experiences and an OAuth 2.0 gateway that delegates verification to external providers such as Google and GitHub. It also acts as an LDAP authentication server, allowing for centralized user management and group-based authorization through external directory integration.
The system covers a broad range of access control capabilities, including path-based and IP-based filtering, as well as identity-based restrictions. Security is further enhanced through multi-factor authentication using time-based one-time passwords and the use of bcrypt for secure credential storage.
The server is bootstrapped using environment variables to facilitate containerized deployments.
