30 open-source projects similar to volatiletech/authboss, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Authboss alternative.
Authboss is a modular HTTP authentication framework for managing user identity, session lifecycles, and password security. It provides a system of identity access middleware to control route access and synchronize user identity across requests via standard web protocols. The framework is distinguished by a pluggable architecture that allows for the registration of independent modules to extend identity logic. It utilizes a hook-based event system to execute custom business logic during authentication state changes and employs a selector-verifier token pattern to protect against timing attacks
Hanko is an open-source identity provider and customer identity and access management system. It serves as a passkey authentication service and an OAuth and SAML SSO gateway, allowing applications to authenticate users and issue tokens via standard identity protocols. The project distinguishes itself through a strong focus on passwordless access using WebAuthn-based passkeys and email-based passcodes. It provides framework-agnostic authentication interfaces as customizable web components that can be embedded directly into web applications to handle login, registration, and profile management.
Jetstream is an application scaffold for Laravel that provides a pre-built identity system and team collaboration framework. It serves as a starter kit that integrates user authentication, profile management, and organizational tools into a unified project structure. The project is distinguished by its comprehensive team management capabilities, which include shared workspace organization, member invitation workflows, and role-based access control. It also features an integrated API token manager for issuing and controlling secure access tokens for external clients. The platform covers a bro
This project is an AI model API gateway and proxy server designed to provide a unified interface for interacting with diverse artificial intelligence service providers. It functions as a centralized middleware platform that routes, load balances, and translates API requests across multiple models, enabling developers to access text, image, audio, and video generation capabilities through a single, standardized integration. The gateway distinguishes itself through comprehensive administrative and financial controls, including event-driven usage accounting, real-time token consumption tracking,
This project is a reference implementation and boilerplate for managing user authentication and session state within the Next.js framework. It serves as a practical example of how to integrate NextAuth.js to protect routes and handle identity verification. The repository demonstrates several authentication workflows, including OAuth identity integration with third-party providers, passwordless authentication using email magic links, and traditional credentials-based sign-in. It specifically showcases how to replace default authentication screens with custom branded sign-in pages. The impleme
Lucia is an authentication library that provides session management, OAuth integration, and password-based login for web applications. It creates and validates server-side sessions using cryptographically random tokens stored in HttpOnly, Secure, SameSite=Lax cookies, with constant-time token comparison to prevent timing side-channel attacks. The library supports authentication through email and password, GitHub OAuth, Google OAuth, and passkey-based sign-in. It enforces two-factor authentication using time-based one-time passwords (TOTP) from authenticator apps, generates recovery codes for
Devise is a comprehensive identity management system and authentication framework for Ruby on Rails applications. It provides a complete set of tools for managing user registration, secure sign-in, and session handling using a modular strategy pattern. The framework distinguishes itself by offering a suite of security hardening features, including brute force protection through account locking and secure password recovery workflows. It also functions as an integrator for external identity providers and third-party authentication via standardized protocols. Broad capabilities cover the full u
2FAuth is a self-hosted two-factor authentication server and credential vault. It functions as a web-based authenticator app used to organize and generate time-based one-time passwords and other security codes for multiple accounts in a central location. The system distinguishes itself as an API-driven security manager, allowing authentication codes to be integrated into automated workflows and external applications. It also supports shared security credentialing through the use of isolated vaults and shared folders for team collaboration. The project covers a broad range of security and dat
This project is an Android password manager application that provides an end-to-end encrypted vault for storing and synchronizing login credentials, secure notes, and identities. It functions as a secure storage system using zero-knowledge encryption to ensure that only the user can decrypt their stored data. The application integrates directly with the Android system to provide an autofill service that populates usernames and passwords into mobile apps and browser login fields. It also serves as a passkey management wallet for FIDO2 cryptographic passkeys and a time-based one-time password a
Octelium is a zero-trust network access platform and identity-aware proxy designed to secure private HTTP, SSH, and SQL resources. It functions as a secure gateway that validates human and workload identities using OIDC, SAML, and FIDO2 passkeys before granting access to internal applications and SaaS APIs. The system is distinguished by its secretless access broker, which injects credentials—such as API keys, passwords, and AWS SigV4 signatures—at the gateway level so users can access databases and cloud resources without managing secrets. It further specializes in AI gateway administration,
OpenAuth is a standards-based authentication server and identity provider that implements OAuth 2.0 and OpenID Connect protocols. It serves as a centralized system for managing user identities, issuing access tokens, and orchestrating authentication flows across various services. The project functions as a federated identity gateway, aggregating external providers such as Google, GitHub, Microsoft, Apple, and Discord into a unified login flow. It distinguishes itself with a multi-tenant architecture that supports pluggable identity providers and customizable user interface frameworks for bran
Tinyauth is an authentication middleware service and identity provider that verifies user identities to grant system access. It operates as a standalone server or as an authentication gateway, utilizing a reverse proxy model to intercept requests and validate credentials before traffic reaches protected backend services. The project functions as an OpenID Connect provider for single sign-on experiences and an OAuth 2.0 gateway that delegates verification to external providers such as Google and GitHub. It also acts as an LDAP authentication server, allowing for centralized user management and
supabase-js is a comprehensive client library designed to integrate frontend applications with a hosted backend-as-a-service. It provides a unified interface for interacting with a PostgreSQL database, identity management systems, cloud object storage, and real-time data synchronization. The library features an isomorphic client design that operates across both browser and server environments. It distinguishes itself through a type-safe approach, utilizing TypeScript to map database schemas directly to client-side definitions, and employs a PostgREST-based API to translate JavaScript calls in
rustdesk-server is a self-hosted remote desktop server infrastructure designed to manage ID signaling and relay traffic for remote connections between peers. It provides the necessary backend environment to coordinate remote access sessions through rendezvous-based signaling and relay-based traffic forwarding. The system distinguishes itself with a remote access management console for organizing devices and enforcing security policies, as well as an identity integrator for OIDC-based federation and LDAP directory synchronization. It utilizes geolocation-aware routing to distribute traffic acr
Grav is a flat-file content management system that eliminates the need for a traditional database by storing site content and configuration in human-readable Markdown and YAML files. Built as a modular PHP web framework, it uses a hierarchical page routing system where the physical directory structure directly determines the site's URL paths. The platform is distinguished by its event-driven plugin architecture and a command-line interface that prioritizes system administration, deployment, and maintenance tasks. It utilizes a blueprint-driven system to generate administrative forms from stru
Stack Auth is an open-source authentication and authorization platform that provides pre-built UI components, OAuth integration, team management, and session handling for web applications. It offers a complete authentication lifecycle covering sign-in, sign-up, session management, password recovery, and multi-factor security, with support for passkey authentication and OAuth providers including Google, GitHub, and Apple. The platform includes a team-based permission system with role-based access control, allowing users to be organized into teams with granular permissions for membership manage
django-allauth is a comprehensive authentication framework for Django applications that manages user registration, account ownership verification, and secure login processes. It provides a system for handling the entire user account lifecycle, including the ability to define custom signup fields and implement identity verification. The project distinguishes itself by providing a suite of OAuth and SAML integrations for social account authentication and the capability to act as an OpenID Connect identity provider. It further supports decoupled architectures through a token-based headless authe
Aegis is a mobile application designed to manage and store multi-factor authentication tokens. It functions as a local-first credential vault that generates time-based and counter-based one-time passwords to verify user identity across various online services. The application secures sensitive authentication data by employing authenticated symmetric encryption and hardware-backed key storage to protect credentials at rest. Access to the stored tokens is gated by system-level biometric authentication or password verification, ensuring that only authorized users can retrieve the generated secur
This is a two-factor authentication library and open-source multi-factor authentication implementation. It provides a suite of tools for implementing security workflows that require a second layer of verification beyond standard credentials. The project implements both time-based one-time passwords and HMAC-based one-time passwords. It includes utilities for generating these codes based on shared secrets and counters, following industry standards such as RFC 6238. The library covers cryptographic primitives including Base32 secret key encoding, dynamic truncation extraction, and symmetric ke
Ombi is a media request management system that coordinates content discovery between users, media servers, and download managers. It acts as a middleware layer to automate the process of requesting, approving, and acquiring movies, music, and TV shows. The project differentiates itself by acting as an integration layer that synchronizes libraries and user accounts across multiple media server instances. It features a content request orchestrator that supports voting-based automatic approval and the ability to import active requests directly from external watchlists. The platform covers a bro
This is a Backend-as-a-Service SDK for React Native, providing a library to integrate mobile applications with backend services. It serves as a client for managing user authentication, cloud databases, and remote file storage within a mobile environment. The SDK enables mobile developers to implement secure login flows using OAuth, email, and phone verification. It includes a database client for performing CRUD operations on structured data and a storage client for uploading and retrieving binary assets from remote cloud buckets. Additionally, it features a WebSocket-based interface to receiv
Satellizer is an authentication library for AngularJS applications designed to manage user sign-in and session persistence using security tokens. It functions as a client-side implementation for exchanging credentials for tokens and attaching authorization headers to network requests. The library handles identity integration through a token manager that supports both email-based authentication and external OAuth providers. It enables the authorization of users via third-party services using secure popup windows and allows for linking or unlinking external accounts to a user profile. The proj
This is a Backend as a Service SDK for Apple platforms, providing a collection of libraries that connect iOS and macOS applications to cloud databases, authentication services, and serverless infrastructure. It serves as a developer kit for integrating real-time data synchronization, file storage, and push notifications into native apps. The SDK is distinguished by its generative AI integration, which routes text and multimodal prompts between on-device models and cloud-hosted large language models. It further differentiates itself with a specialized app distribution tool for managing pre-rel
This project is a cross-platform messaging SDK and client development library used to build custom Telegram applications. It functions as a comprehensive framework that manages network encryption, local data storage, and API communication, providing a C-compatible JSON interface that allows integration with any programming language. The library distinguishes itself by providing a full database manager for encrypted local caching and synchronized state, alongside a dedicated bot framework for creating interactive bots with business account integration. It enables the implementation of speciali
TodoApp is a task management web application designed for organizing and tracking pending items. It consists of a web-based interface and a REST API backend that handles business logic and data requests. The system includes an OAuth 2.0 identity provider for user authentication via passwords and external social providers, as well as an API gateway proxy that routes traffic from the frontend to the backend to prevent cross-origin resource sharing issues. Operational capabilities cover system observability through OpenTelemetry for collecting logs and metrics, request rate limiting to maintain
Authlogic is a Ruby authentication framework designed to manage user identities, session persistence, and secure password hashing. It provides a system for verifying user credentials against stored records using configurable identity fields. The framework distinguishes itself through its provider-based identity integration, allowing applications to connect authentication flows to external services including OAuth, OpenID Connect, LDAP, and various social media platforms. It also includes an extensibility model that executes custom user-defined code via hooks and callbacks during identity veri
This project is a social blogging application built with Flask. It provides a platform for user account management, following relationships, and chronological post streams, supported by a PostgreSQL relational database. The application features a multilingual web interface with localized content and date formatting. It is designed as a dockerized web application, utilizing containerization for consistent deployment across different environments. The system integrates a variety of core capabilities, including full-text search with provider abstraction, an asynchronous task worker for backgrou
Stellar Core is the primary software implementation of the Stellar blockchain network, serving as a distributed ledger and a Federated Byzantine Agreement system. It functions as a core node that maintains the shared state of the network and provides a runtime environment for executing WebAssembly smart contracts. The project enables the creation and management of digital assets, including the implementation of decentralized exchanges through distributed orderbooks and automated liquidity pools. It facilitates cross-border payment settlement by routing assets via path payments and bridging di
Passport is a Node.js authentication middleware designed to manage user identities and session states within web applications. It functions as a request identity verifier that secures application routes by validating user credentials before granting access. The system utilizes a modular authentication strategy, allowing identity verification through interchangeable plugins. This architecture supports the creation of custom authentication strategies for local credentials and the integration of federated identity providers using external protocols. The framework provides capabilities for sessi
This project is an open-source identity provider and single sign-on platform that centralizes user authentication for multiple web applications and services. It functions as a multi-protocol authentication gateway, verifying user identities and issuing tokens through the CAS protocol as well as industry standards including SAML, OAuth2, and OpenID Connect. The system acts as a federated identity server, allowing authentication to be delegated to external third-party or corporate identity providers. It distinguishes itself through identity attribute governance, which manages which specific use