Securden Password Manager for Enterprises

JSON Web Token is an open standard that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed.

A set of unified APIs and tools that instantly enables Single Sign On and user management to all your applications.

Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, and more. Vault provides a unified interface to any secret, while providing tight access control and recording a detailed audit log.

It is an Open Source Identity and Access Management For Modern Applications and Services. It adds authentication to applications and secure services with minimum fuss. No need to deal with storing users or authenticating users. It's all available out of the box.

It is a comprehensive identity and access management solution that gives you a robust set of capabilities to manage users and groups. You can get the reliability and scalability you need with identity services that work with your on-premises, cloud, or hybrid environment.

It is an authorization framework that enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf.

You can create unique identities for your users through a number of public login providers (Amazon, Facebook, and Google) and also support unauthenticated guests. You can save app data locally on users’ devices allowing your applications to work even when the devices are offline.

It is a framework that focuses on providing both authentication and authorization to Java applications. The real power of Spring Security is found in how easily it can be extended to meet custom requirements.

Devise is a flexible authentication solution for Rails based on Warden

It provides backend services, easy-to-use SDKs, and ready-made UI libraries to authenticate users to your app. It supports authentication using passwords, phone numbers, popular federated identity providers like Google,

It is authentication middleware for Node.js. Extremely flexible and modular, It can be unobtrusively dropped in to any Express-based web application. A comprehensive set of strategies support authentication using a username and password, Facebook, Twitter, and more.

OmniAuth is a Ruby authentication framework aimed to abstract away the difficulties of working with various types of authentication providers. It is meant to be hooked up to just about any system, from social networks to enterprise systems to simple username and password authentication.

It is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.

AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources. The service enables you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle.

It is a free, open-source implementation of the Lightweight Directory Access Protocol. Lightweight Directory Access is an application protocol that is used to crosscheck information on the server end.

Clerk gives you more than just a "sign-in box". You get a complete set of User Management UIs and APIs, including a powerful Admin Dashboard. Purpose-built for React, Next.js, and the Modern Web. Finally, an auth service that "just works".

It is a mature, flexible, and well supported standards-based mechanism for interacting with directory servers. It’s often used for authentication and storing information about users, groups, and applications, but an LDAP directory server is a fairly general-purpose data store and can be used in a wide variety of applications.

This package provides JSON Web Token Authentication support for Django REST framework. Unlike some more typical uses of JWTs, this module only generates authentication tokens that will verify the user who is requesting one of your DRF protected API resources.

Doppler’s developer-first security platform empowers teams to seamlessly manage, orchestrate, and govern secrets at scale.

Passwords are the bane of app security. With a few lines of code and no bloat, it lets you build apps with blazing-fast, customizable, passwordless login - with future-proof crypto and identity tech under the hood.

A container native solution that strengthens the Trusted Delivery component of container security by integrating secret distribution directly into the container platform.

FreeIPA is an integrated Identity and Authentication solution for Linux/UNIX networked environments. A FreeIPA server provides centralized authentication, authorization and account information by storing data about user, groups, hosts and other objects necessary to manage the security aspects of a network of computers.

Stormpath is an authentication and user management service that helps development teams quickly and securely build web and mobile applications and services.

Oso Cloud is authorization-as-a-service. It provides abstractions for building and iterating on authorization in your application – based on years of work with hundreds of engineering teams.

In Casbin, an access control model is abstracted into a CONF file based on the PERM metamodel (Policy, Effect, Request, Matchers). So switching or upgrading the authorization mechanism for a project is just as simple as modifying a configuration. You can customize your own access control model by combining the available models.

The authentication and authorization system BuzzFeed developed to provide a secure, single sign-on experience for access to the many internal web apps used by our employees.

It is the open source implementation of RADIUS, an IETF protocol for AAA (Authorisation, Authentication, and Accounting).. It is responsible for authenticating one third of all users on the Internet.

It is a Colorado-based startup that customers use to authenticate, authorize, and manage users, devices, and applications. They do it all easily via a common directory in the cloud, instead of through legacy, on-premises IT systems.

It helps you do single sign-on and identity federation backed by strong and adaptive authentication, securely expose APIs, and manage identities by connecting to heterogeneous user stores. Leverage the power of open-source IAM in your enterprise to innovate fast and build secure Customer IAM (CIAM) solutions to provide an experience your users will love.

It is a self-managed server that secures access to your applications and APIs with OAuth 2.0 and OpenID Connect. It is OpenID Connect Certified and optimized for latency, high throughput, and low resource consumption.

OAuth is a protocol that aimed to provide a single secure recipe to manage authorizations. It is now used by almost every web application. However, 30+ different implementations coexist. OAuth.io fixes this massive problem by acting as a universal adapter, thanks to a robust API. With OAuth.io integrating OAuth takes minutes instead of hours or days.

It is an Identity Provider that can be used for web and apps. Users are authenticated by verifying access to an email address or a securely stored private key.

Satellizer is a simple to use, end-to-end, token-based authentication module for AngularJS with built-in support for Google, Facebook, LinkedIn, Twitter authentication providers, plus Email and Password sign-in method. You are not limited to the sign-in options above, in fact you can add any OAuth 1.0 or OAuth 2.0 provider by passing provider-specific information during the configuration step.

It is a customer-managed solution that can be deployed on premises or on any public cloud, such as AWS, Azure, or Google Cloud Platform. It provides users with secure access and single sign-on to all the virtual, SaaS and web applications they need to be productive.

It enables you to discover and access infrastructure (e.g. Kubernetes, databases). We help you connect an identity provider such as Okta or Azure active directory, and map users/groups with the permissions you set to your infrastructure.

Start selling to enterprise customers with just a few lines of code.

It is a cloud native user management system. It provides user login and registration, multi-factor authentication, and user information storage with a headless API. It is fully configurable and supports a wide range of protocols such as Google Authenticator, and stores user information using JSON Schema.

It provides auth, login, SSO, MFA, and is free for unlimited users. It provides secure, single-tenant, on-prem or private cloud identity, custom emails with localization, social logins, group-based auth and more.

It is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal. It acts as a companion of reverse proxies like nginx, Traefik or HAProxy to let them know whether queries should pass through. Unauthenticated users are redirected to Authelia Sign-in portal instead.

Keywhiz is a secret management and distribution service that is now available for everyone. Keywhiz helps us with infrastructure secrets, including TLS certificates and keys, GPG keyrings, symmetric keys, database credentials, API tokens, and SSH keys for external services — and even some non-secrets like TLS trust stores. Automation with Keywhiz allows us to seamlessly distribute and generate the necessary secrets for our services, which provides a consistent and secure environment, and ultimately helps us ship faster.

It is an award-winning application written in native PHP that deals with authentication. It supports some other identity protocols and frameworks, such as Shibboleth 1.3, A-Select, CAS, OpenID, WS-Federation or OAuth, and is easily extendable, so you can develop your own modules if you like.

It is an open-source, end-to-end encrypted (E2EE) secret manager that enables teams to easily manage and sync their environment variables.

It is a comprehensive identity platform that makes it easy to build authentication into any stack or code base, so you can tailor it to fit your unique requirements and end user experience.

Torus simplifies the modern development workflow enabling you to store, share, and organize secrets across services and environments. With Torus, you can standardize on one tool across all environments. Map Torus to your workflows using projects, environments, services, teams, and machines.

It allows you to manage user permissions and roles in a database.

Confidant is a open source secret management service that provides user-friendly storage and access to secrets in a secure way, from the developers at Lyft.

Securely store config and manage access in an end-to-end encrypted, auto-syncing desktop app. Connect your apps in minutes in any language with an environment variable and a line or two of code.

It converts your passive OTP process to active push notification. It works like magic! When you use it's Chrome Extension, it will identify your visited website's OTP request and will send it to your mobile phone as a push notification. When you Accept that request on your phone, your code will be generated on your mobile phone and send it back to the Chrome Extension. That extension will put your OTP code to the OTP text box and will redirect you to the application automatically.

Avoid dealing with OAuth logic in your code, and spend more time creating your product. Guardian reduces the OAuth footprint in your code to a single request. Built with modularity in mind, Guardian leverages plugins to handle OAuth flows, should you encounter a flow that Guardian doesn't handle, create a small flow plugin to do so and carry on. Guardian comes with 5 pre-made plugins that cover 99% of OAuth services.

It is a fully managed cloud-based, zero-knowledge platform for securing infrastructure secrets such as API keys, database passwords, access keys, certificates and any type of confidential data.