Self-hosted projects tagged “Authorization”

Open-source Go backend providing embedded SQLite, realtime (SSE) subscriptions, auth (JWT/OAuth2), file storage, admin UI and REST-style APIs for web and mobile apps.

Alternative to:

PocketBase Cloud+17

Kong Gateway is a high-performance, cloud-native API gateway for routing, securing, and observing API traffic, with an extensible plugin system and Kubernetes support.

Alternative to:

Amazon API Gateway+7

Payload is an open-source, TypeScript-first headless CMS for Next.js with an extensible admin UI, auth, drafts, access control, and APIs for building fullstack apps.

Alternative to:

Payload CMS Cloud+16

Keycloak is an open-source IAM server providing single sign-on, user federation, and centralized authentication and authorization using OIDC, OAuth 2.0, and SAML.

Alternative to:

Okta+19

Hasura is an open-source GraphQL engine that instantly exposes realtime, secure GraphQL APIs over databases and other data sources with fine-grained access control.

Alternative to:

Hasura+16

Authelia is an open-source IAM and authentication server providing SSO, MFA, and access control for web apps, with OpenID Connect/OAuth 2.0 and reverse-proxy integration.

Alternative to:

Auth0+16

Open-source zero-trust networking platform delivering a WireGuard-based private network with centralized access control, SSO/MFA, and cross-platform clients.

Alternative to:

Tailscale+17

Open-source IdP delivering SSO, OAuth2/OIDC, SAML2, LDAP, RADIUS, MFA, WebAuthn, conditional access and application-proxy capabilities for self-hosted deployments.

Alternative to:

Okta+19

OAuth2 Proxy is a reverse proxy and middleware that protects web apps with OAuth2/OIDC login and forwards authenticated user identity to upstream services.

Alternative to:

Cloudflare Access+14

OpenVPN is a widely used open-source VPN daemon providing TLS/SSL-based secure tunneling, flexible client-server and site-to-site modes, and cross-platform support.

Alternative to:

OpenVPN CloudConnexa+18

ZITADEL is an open source IAM/CIAM platform providing SSO, MFA, OIDC/OAuth2, SAML, user management, and multi-tenant organizations with audit logging.

Alternative to:

Auth0+19

Casdoor is an open-source, UI-first IAM/SSO platform supporting OAuth 2.0, OIDC, SAML, LDAP, SCIM, WebAuthn and MFA, with an admin web UI and SDKs.

Alternative to:

Okta+19

PHP-based open-source hotel reservation platform providing PMS, booking engine, channel manager and hotel website features for small to enterprise properties.

Alternative to:

Cloudbeds+10

Open-source authentication and authorization infrastructure with OIDC/OAuth 2.1, SAML SSO, multi-tenancy, MFA, and RBAC for SaaS and AI apps.

Alternative to:

Auth0+19

Open source tool to publish SQLite databases as an interactive website with a JSON API, with a powerful plugin system for search, auth, and customization.

Alternative to:

Directus Cloud+10

Eclipse Mosquitto is a lightweight, open-source MQTT broker supporting MQTT 5.0 and 3.1.1, plus client libraries and CLI tools for pub/sub messaging.

Alternative to:

EMQX Cloud+11

Tyk Gateway is an open source, cloud-native API gateway for securing, managing, and scaling REST, GraphQL, gRPC, and TCP APIs with auth, rate limits, and policies.

Alternative to:

Amazon API Gateway+6

Lura is a stateless, high-performance API gateway framework for building reverse proxies that aggregate, transform, and secure backend APIs via middleware and plugins.

Alternative to:

Amazon API Gateway+9

Pocket ID is a simple self-hosted OpenID Connect (OIDC) provider that lets users sign in to apps using passkeys instead of passwords.

Alternative to:

Auth0+19

Self-hostable Git server focused on SSH, featuring a terminal UI, access control, and Git LFS support, with cloning via SSH, HTTP, or the Git protocol.

Alternative to:

GitHub+7

Self-hosted web app that provides a spreadsheet-like interface to view, edit, query, and manage PostgreSQL data with native Postgres role-based access control.

Alternative to:

Mathesar Cloud+7

Pomerium is an identity-aware access proxy that provides zero trust, per-request authorization to internal web apps and services without a traditional VPN.

Alternative to:

Cloudflare Access+12

CloudBeaver is an open-source, web-based database manager for teams, offering a browser SQL editor, data browsing/editing, and administration for many databases.

Alternative to:

DBeaver Cloud+11

Kanidm is a secure identity management platform providing SSO, passkeys (WebAuthn), and integrations like OAuth2/OIDC, RADIUS, and LDAP gateway for legacy apps.

Alternative to:

Okta+19

Kinto is a lightweight JSON document store with an HTTP API, built-in permissions, sharing, and client synchronization, designed for offline-first and distributed apps.

Alternative to:

Firebase+3

Cerbos is a scalable, language-agnostic authorization layer for defining and evaluating context-aware access control policies via a dedicated Policy Decision Point (PDP)...

Alternative to:

OSO Cloud+17

Ombi lets Plex, Emby and Jellyfin users request movies, TV shows and music, integrates with Sonarr/Radarr/Lidarr and automates request delivery and notifications.

Alternative to:

Ombi (Hosted)+2

OpenZiti is an open-source zero trust networking platform that builds an identity-based overlay mesh with SDKs, tunnelers, and policy-based access controls.

Alternative to:

Zscaler Private Access+14

Open-source browser-based gateway enabling VNC, RDP, and SSH access to remote desktops without client software.

Alternative to:

Citrix DaaS+17

Self-hosted web UI that exposes YAML-defined shell commands as buttons, dashboards and API endpoints with ACLs, auth and logging for safe, repeatable server operations.

Alternative to:

PagerDuty Rundeck+11