Tinyauth

Tinyauth is a simple authentication middleware that sits in front of your web applications and provides a login screen or single sign-on via external identity providers. It is designed to be lightweight and easy to configure, making it well-suited for homelabs and small-to-medium self-hosted setups.

Key Features

• Adds an authentication layer in front of existing apps without modifying them
• Supports a built-in login screen with username/password
• OAuth / OIDC authentication with providers such as Google and GitHub (and others)
• LDAP authentication against a centralized directory
• Two-factor authentication support via TOTP
• Designed to integrate with popular reverse proxies such as Traefik, Nginx, and Caddy
• Ships as a single statically linked binary and is typically configured via environment variables

Use Cases

• Protect internal dashboards and admin tools behind a single login page
• Add SSO to self-hosted services that lack native authentication
• Gate access to homelab services exposed through a reverse proxy

Limitations and Considerations

• In active development; configuration and behavior may change between releases

Tinyauth provides a pragmatic way to add authentication in front of multiple services with minimal overhead. It is especially useful when you want a small, dependency-light component that works with common proxy-based deployments.