Self-hosted projects tagged “IAM”

Keycloak is an open-source IAM server providing single sign-on, user federation, and centralized authentication and authorization using OIDC, OAuth 2.0, and SAML.

Alternative to:

Okta+19

Authelia is an open-source IAM and authentication server providing SSO, MFA, and access control for web apps, with OpenID Connect/OAuth 2.0 and reverse-proxy integration.

Alternative to:

Auth0+16

Secure access platform for servers, Kubernetes, databases, desktops, and web apps with SSO/MFA, short-lived certificates, and full session auditing.

Alternative to:

Twingate+16

ZITADEL is an open source IAM/CIAM platform providing SSO, MFA, OIDC/OAuth2, SAML, user management, and multi-tenant organizations with audit logging.

Alternative to:

Auth0+19

Casdoor is an open-source, UI-first IAM/SSO platform supporting OAuth 2.0, OIDC, SAML, LDAP, SCIM, WebAuthn and MFA, with an admin web UI and SDKs.

Alternative to:

Okta+19

Open-source authentication and authorization infrastructure with OIDC/OAuth 2.1, SAML SSO, multi-tenancy, MFA, and RBAC for SaaS and AI apps.

Alternative to:

Auth0+19

Pocket ID is a simple self-hosted OpenID Connect (OIDC) provider that lets users sign in to apps using passkeys instead of passwords.

Alternative to:

Auth0+19

Pomerium is an identity-aware access proxy that provides zero trust, per-request authorization to internal web apps and services without a traditional VPN.

Alternative to:

Cloudflare Access+12

Kanidm is a secure identity management platform providing SSO, passkeys (WebAuthn), and integrations like OAuth2/OIDC, RADIUS, and LDAP gateway for legacy apps.

Alternative to:

Okta+19

Cerbos is a scalable, language-agnostic authorization layer for defining and evaluating context-aware access control policies via a dedicated Policy Decision Point (PDP)...

Alternative to:

OSO Cloud+17

OpenZiti is an open-source zero trust networking platform that builds an identity-based overlay mesh with SDKs, tunnelers, and policy-based access controls.

Alternative to:

Zscaler Private Access+14

GLAuth is a lightweight LDAP/LDAPS authentication server for development, CI, and homelabs, supporting file, S3, SQL, or LDAP proxy backends and optional 2FA.

Alternative to:

Microsoft Active Directory+5

VoidAuth is a self-hosted SSO provider with OpenID Connect, ForwardAuth proxy auth, and built-in user and group management plus MFA and passkeys.

Alternative to:

Auth0+19

Open-source, self-hosted feature flag management platform with progressive rollouts, targeting rules, A/B testing, audit logs, and APIs for automated releases.

Alternative to:

LaunchDarkly+4

Open-source Auth0/Clerk/Firebase Auth alternative with passkeys, MFA, SSO (OIDC/SAML), user management portal, and extensible auth flows for web and mobile apps.

Alternative to:

Auth0+19

Open-source onboarding platform to provision accounts, run preboarding, to-dos, resources, courses, and badges via Slack or a dashboard.

Alternative to:

Sapling (Kallidus)+2

Mozilla Accounts (FxA) is an account and authentication service used by Mozilla clients, providing login, session management, and account-related APIs for Mozilla product...

Alternative to:

Auth0+15

Open edX is a scalable, modular LMS for delivering MOOCs and online programs with video, assessments, discussions, instructor tools, and extensible integrations.

Alternative to:

Canvas LMS+19

FusionAuth is a self-hosted authentication and IAM platform supporting OAuth2, OIDC and SAML, with SSO, MFA, user management and developer-focused integrations.

Alternative to:

Auth0+19