30 个仓库
Integrations for delegating authentication to OpenID Connect identity providers.
Distinguishing note: Focuses on external identity provider integration.
Explore 30 awesome GitHub repositories matching security & cryptography · OIDC Authentication Plugins. Refine with filters or upvote what's useful.
This project is an AI model API gateway and proxy server designed to provide a unified interface for interacting with diverse artificial intelligence service providers. It functions as a centralized middleware platform that routes, load balances, and translates API requests across multiple models, enabling developers to access text, image, audio, and video generation capabilities through a single, standardized integration. The gateway distinguishes itself through comprehensive administrative and financial controls, including event-driven usage accounting, real-time token consumption tracking,
Delegates login processes to external OpenID Connect providers and handles callbacks to establish secure sessions.
Postiz is an open-source social media management platform designed to centralize the scheduling, publishing, and analysis of content across diverse social networks, community forums, and blogging platforms. It functions as a unified hub where users can coordinate, review, and distribute content through a shared team workspace, while leveraging integrated artificial intelligence to assist in drafting text and generating multimedia assets. The platform distinguishes itself through a modular architecture that utilizes a provider-specific adapter pattern to ensure consistent content distribution
Integrates external identity providers to manage user access and authentication using standard OpenID Connect protocols.
Harbor is a self-hosted, enterprise-grade container registry platform designed to store, sign, and scan container images and cloud-native artifacts. It provides a centralized repository that integrates directly with Kubernetes environments to manage the full lifecycle of software artifacts, from initial storage to production deployment. The platform distinguishes itself through a focus on security, governance, and multi-site availability. It features a pluggable vulnerability scanning framework that allows for the integration of various security engines, alongside content trust mechanisms tha
Delegates user authentication to external identity providers using the OpenID Connect protocol.
Integrates with external identity providers to manage user sessions via OIDC.
FastMCP is a Python framework designed for building servers that expose functions, resources, and prompts to AI models using the Model Context Protocol. It simplifies the development process by automatically deriving tool metadata, input schemas, and documentation directly from Python function signatures and type hints. The framework provides a unified container for managing these components, allowing developers to build modular applications that integrate seamlessly with AI assistants. The project distinguishes itself through its support for interactive, server-defined user interface compone
Integrates with OpenID Connect identity providers to delegate user authentication.
Agent Skills is a centralized registry and management system designed for the discovery, auditing, and integration of reusable procedural modules into automated agent workflows. It provides a structured environment for sourcing verified capabilities that extend the functional range of AI agents, enabling the development and scaling of complex, multi-step automated processes. The platform distinguishes itself through a security-first approach to module integration, utilizing audit-verified data to ensure that capabilities meet safety requirements before they are deployed. It incorporates a dec
Authenticates requests using short-lived OIDC tokens to eliminate manual key management.
Cube is a semantic data layer that provides a unified framework for defining business metrics, dimensions, and relationships across diverse data sources. By acting as a headless business intelligence engine, it transforms raw data into a governed model that can be queried via SQL, REST, and GraphQL interfaces. This architecture ensures consistent data definitions and logic across all downstream analytical applications and reporting tools. The platform distinguishes itself through its integrated conversational AI capabilities, which allow users to explore data using natural language. It orches
Uses OIDC tokens to assume cloud IAM roles for secure, passwordless access to infrastructure resources.
WeKnora is a multi-tenant retrieval-augmented generation (RAG) knowledge platform and autonomous AI agent framework. It transforms raw documents into queryable knowledge bases and integrates large language models with vector databases to provide grounded AI responses. The system also functions as a Model Context Protocol (MCP) tool server, exposing knowledge search and agentic capabilities to external AI clients. The platform distinguishes itself through an autonomous agent framework that utilizes iterative reasoning, tool calling, and web search to solve multi-step tasks. It implements a sta
Secures user and agent access by integrating OpenID Connect identity providers for authentication.
This project is a high-performance, distributed API gateway designed to manage, secure, and observe traffic for microservices, serverless functions, and artificial intelligence model providers. It functions as a dynamic service proxy and cloud-native ingress controller, centralizing policy enforcement and traffic routing through a unified configuration interface that synchronizes state across multiple nodes in real time. The platform distinguishes itself through a highly extensible architecture that utilizes a high-performance scripting engine to execute modular logic directly within the requ
Validates incoming requests against external identity providers and manages session state to control access to protected upstream resources.
VictoriaMetrics is a high-performance, scalable time series database and observability platform designed for long-term storage and analysis of metric, log, and trace data. It functions as a unified backend for monitoring ecosystems, offering full compatibility with industry-standard protocols and query languages. The system is built to handle massive data volumes through a distributed architecture that supports horizontal scaling and efficient data lifecycle management. The platform distinguishes itself through a storage engine that utilizes consistent hashing for data sharding and log-struct
Integrates with external identity providers to validate user requests via OIDC and enforce multi-tenant access.
Quarkus is a Kubernetes-native Java framework designed for building high-performance, memory-efficient applications. It utilizes ahead-of-time native compilation to transform Java code into standalone, optimized binaries that eliminate the need for a virtual machine, enabling rapid startup and reduced memory consumption. By performing code augmentation during the build phase, it shifts heavy processing tasks away from runtime, ensuring that applications are optimized for cloud-native environments. The framework distinguishes itself through a unified approach to reactive and imperative program
Automates the acquisition, refresh, and propagation of access tokens for OpenID Connect identity providers.
FreshRSS is an open-source, self-hosted web feed aggregator designed to collect, organize, and display content from multiple websites in a single, centralized interface. It functions as a comprehensive reader for standard syndication formats, allowing users to track updates from various sources while maintaining full control over their data and privacy. The platform supports multi-user environments, enabling individual account management and personalized reading experiences. The application distinguishes itself through its robust synchronization and extensibility capabilities. It provides a s
Delegates user authentication to external providers using OpenID Connect.
Termix is a centralized web-based gateway for managing remote SSH connections and terminal sessions. It provides a browser-based interface that enables users to access, control, and monitor remote servers, containerized applications, and file systems from a single, unified dashboard. The platform distinguishes itself through robust security and session management capabilities. It integrates with external identity providers for single sign-on and enforces role-based access control to manage user permissions. To ensure reliable administration, it maintains stateful session persistence, allowing
Supports verifying user identities by connecting to external identity providers through standard protocols to manage secure access to the application.
Element Web is a web-based communication client used for real-time messaging and collaboration via the decentralized Matrix protocol. It functions as an end-to-end encrypted messenger, a VoIP client for voice and video conferencing, and an interface for interacting with integrated bots and external bridges. The project distinguishes itself through a modular architecture that supports runtime module loading and external script imports to extend core capabilities. It provides extensive white-labeling options, allowing for the customization of application branding, visual themes, and the use of
Integrates with OpenID Connect identity providers to delegate authentication and enable single sign-on.
Kutt is a self-hosted URL shortening service built with Node.js and PostgreSQL. It allows users to create short links with custom aliases and expiration dates while managing them through a database-backed system. The service integrates OpenID Connect for user authentication and provides a RESTful API for programmatic link management. The platform distinguishes itself through a custom domain router that maps incoming requests from user-defined domains to specific link records. It includes a dedicated administrative dashboard for branded link management and private analytics tracking to monitor
Integrates with external identity providers for secure user authentication via the OpenID Connect protocol.
Dex is an OpenID Connect identity provider that functions as an identity federation gateway. It authenticates users and issues signed tokens for applications by using a variety of pluggable connectors to interface with external identity sources. The project focuses on federating multiple external identity providers into a single authentication portal. It maps diverse external authentication sources to a uniform internal user representation and manages the orchestration of authorization handshakes between clients and identity sources. Capability areas include centralized user authentication,
Provides OIDC-based authentication plugins for the Kubernetes API server to delegate identity verification.
Gorse is a personalized recommendation engine server and machine learning pipeline designed to suggest items to users based on their behavior and preferences. It operates as a distributed system that separates training, candidate generation, and serving nodes to support high-throughput workloads. The system utilizes a multi-stage recommendation pipeline to refine results through retrieval, scoring, and reranking. It generates personalized suggestions using collaborative filtering, matrix factorization, and item-to-item similarity models, while also providing non-personalized and fallback reco
Secures the administrative dashboard via OpenID Connect integration for single sign-on.
Pocket ID is a self-hosted OpenID Connect (OIDC) identity provider that replaces traditional passwords with passkey-based authentication using WebAuthn public-key cryptography. It runs as a standalone service on user-managed infrastructure, eliminating shared secrets entirely by authenticating users through passkeys instead of passwords. The project distinguishes itself through security-hardened deployment patterns, including distroless container images, non-root user execution, and read-only root filesystems to reduce the attack surface. It supports configurable token signing algorithms (RSA
Delegates user authentication to a lightweight OpenID Connect provider that other services trust for identity verification.
Solid is a protocol and ecosystem for decentralized web applications that separates application logic from data storage. It enables users to store and control their personal information in personal online data stores, known as Pods, ensuring that individuals own their data rather than the applications they use. The project provides a framework for decentralized identity and authentication using WebID and OpenID Connect, decoupling identity from central providers. It implements a resource-level permission system via Web Access Control, allowing users to grant or deny read, write, and append ac
Provides decentralized authentication via OpenID Connect using WebID profiles.
Romm is a self-hosted game library manager and ROM management web interface. It serves as a central server for storing and categorizing game files and emulator firmware, providing a web-based browser to organize collections through automated library scanning and metadata retrieval. The project distinguishes itself by integrating a web-based emulator frontend that uses WebAssembly to play games directly in the browser. It further provides a game save synchronization server that uses SSH-based synchronization to transfer save states and progress between the server and registered handheld device
Provides single sign-on and centralized multi-factor authentication through OpenID Connect integration.