VoidAuth

VoidAuth

Website

Self-hosted SSO and user management with OpenID Connect and ForwardAuth

RepositoryWebsite
1.7kstars
50forks
Last commit: 1d ago
Repo age: 1y old
VoidAuth screenshot

VoidAuth is an open-source authentication and user management service designed to sit in front of your self-hosted applications. It provides Single Sign-On via OpenID Connect and can also protect apps through a reverse-proxy ForwardAuth flow.

Key Features

  • OpenID Connect (OIDC) identity provider for SSO integrations
  • ForwardAuth-style proxy authentication for protecting apps behind a reverse proxy
  • Built-in user and group management with an admin panel
  • User invitations and optional self-registration
  • Multi-factor authentication support, including passkeys (WebAuthn)
  • Secure password reset via email verification
  • Customization for branding and emails (logo, title, theme color, email templates)
  • Encryption at rest with PostgreSQL or SQLite-backed storage

Use Cases

  • Centralized login for a homelab or self-hosted app suite using OIDC
  • Protecting internal dashboards and services via reverse-proxy ForwardAuth
  • Lightweight IAM for small teams with groups and invitation-based onboarding

Limitations and Considerations

  • The project notes it has not been security audited; evaluate risk and keep dependencies updated

VoidAuth fits users who want a modern, self-hosted SSO solution with both OIDC-based federation and reverse-proxy authentication, plus practical account management features. It is especially suited for homelabs and small organizations standardizing authentication across multiple services.

Categories:

Identity & Access Management (IAM)SSO & Federated Identity (OIDC/SAML)

Tags:

# Authentication# IAM# OAuth2# Authorization# Access Control# 2FA# OIDC# Single Sign-On

Tech Stack:

SQLiteSQLitePostgreSQLPostgreSQLAngularAngularDockerDockerTypeScriptTypeScript
D
Docker ComposeNode.jsNode.js
Share:

Similar Services

PocketBase

PocketBase

Lightweight open-source realtime backend with embedded SQLite

55.3k
3k
Last commit: 1d ago

Open-source Go backend providing embedded SQLite, realtime (SSE) subscriptions, auth (JWT/OAuth2), file storage, admin UI and REST-style APIs for web and mobile apps.

Alternative to:
PocketBase Cloud
PocketBase Cloud+17
Keycloak

Keycloak

Open-source identity and access management with SSO

32.3k
8k
Last commit: 21h ago

Keycloak is an open-source IAM server providing single sign-on, user federation, and centralized authentication and authorization using OIDC, OAuth 2.0, and SAML.

Alternative to:
Okta
Okta+19
Authelia

Authelia

Self-hosted IAM with SSO and multi-factor authentication

26.4k
1.3k
Last commit: 1d ago

Authelia is an open-source IAM and authentication server providing SSO, MFA, and access control for web apps, with OpenID Connect/OAuth 2.0 and reverse-proxy integration.

Alternative to:
Auth0
Auth0+16
Infisical

Infisical

Open-source platform for secrets, PKI certificates, and privileged access

24.5k
1.7k
Last commit: 20h ago

Infisical is an open-source platform to manage and deliver app secrets, certificates (PKI), SSH credentials, and encryption keys across teams and infrastructure.

Alternative to:
HashiCorp Vault
HashiCorp Vault+9
authentik

authentik

Open-source Identity Provider (IdP) for SSO, OIDC, and SAML

19.7k
1.4k
Last commit: 17h ago

Open-source IdP delivering SSO, OAuth2/OIDC, SAML2, LDAP, RADIUS, MFA, WebAuthn, conditional access and application-proxy capabilities for self-hosted deployments.

Alternative to:
Okta
Okta+19
Teleport

Teleport

Identity-aware access proxy for infrastructure and internal apps

19.7k
2k
Last commit: 17h ago

Secure access platform for servers, Kubernetes, databases, desktops, and web apps with SSO/MFA, short-lived certificates, and full session auditing.

Alternative to:
Twingate
Twingate+16