WSO2 Identity Server

JSON Web Token is an open standard that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed.

A set of unified APIs and tools that instantly enables Single Sign On and user management to all your applications.

It is an Open Source Identity and Access Management For Modern Applications and Services. It adds authentication to applications and secure services with minimum fuss. No need to deal with storing users or authenticating users. It's all available out of the box.

It is a comprehensive identity and access management solution that gives you a robust set of capabilities to manage users and groups. You can get the reliability and scalability you need with identity services that work with your on-premises, cloud, or hybrid environment.

It is an authorization framework that enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf.

You can create unique identities for your users through a number of public login providers (Amazon, Facebook, and Google) and also support unauthenticated guests. You can save app data locally on users’ devices allowing your applications to work even when the devices are offline.

It is a framework that focuses on providing both authentication and authorization to Java applications. The real power of Spring Security is found in how easily it can be extended to meet custom requirements.

Devise is a flexible authentication solution for Rails based on Warden

It provides backend services, easy-to-use SDKs, and ready-made UI libraries to authenticate users to your app. It supports authentication using passwords, phone numbers, popular federated identity providers like Google,

It is authentication middleware for Node.js. Extremely flexible and modular, It can be unobtrusively dropped in to any Express-based web application. A comprehensive set of strategies support authentication using a username and password, Facebook, Twitter, and more.

OmniAuth is a Ruby authentication framework aimed to abstract away the difficulties of working with various types of authentication providers. It is meant to be hooked up to just about any system, from social networks to enterprise systems to simple username and password authentication.

It is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.

It is a free, open-source implementation of the Lightweight Directory Access Protocol. Lightweight Directory Access is an application protocol that is used to crosscheck information on the server end.

It is a mature, flexible, and well supported standards-based mechanism for interacting with directory servers. It’s often used for authentication and storing information about users, groups, and applications, but an LDAP directory server is a fairly general-purpose data store and can be used in a wide variety of applications.

Clerk gives you more than just a "sign-in box". You get a complete set of User Management UIs and APIs, including a powerful Admin Dashboard. Purpose-built for React, Next.js, and the Modern Web. Finally, an auth service that "just works".

This package provides JSON Web Token Authentication support for Django REST framework. Unlike some more typical uses of JWTs, this module only generates authentication tokens that will verify the user who is requesting one of your DRF protected API resources.

Passwords are the bane of app security. With a few lines of code and no bloat, it lets you build apps with blazing-fast, customizable, passwordless login - with future-proof crypto and identity tech under the hood.

FreeIPA is an integrated Identity and Authentication solution for Linux/UNIX networked environments. A FreeIPA server provides centralized authentication, authorization and account information by storing data about user, groups, hosts and other objects necessary to manage the security aspects of a network of computers.

Stormpath is an authentication and user management service that helps development teams quickly and securely build web and mobile applications and services.

In Casbin, an access control model is abstracted into a CONF file based on the PERM metamodel (Policy, Effect, Request, Matchers). So switching or upgrading the authorization mechanism for a project is just as simple as modifying a configuration. You can customize your own access control model by combining the available models.

Oso Cloud is authorization-as-a-service. It provides abstractions for building and iterating on authorization in your application – based on years of work with hundreds of engineering teams.

The authentication and authorization system BuzzFeed developed to provide a secure, single sign-on experience for access to the many internal web apps used by our employees.

It is the open source implementation of RADIUS, an IETF protocol for AAA (Authorisation, Authentication, and Accounting).. It is responsible for authenticating one third of all users on the Internet.

It is a Colorado-based startup that customers use to authenticate, authorize, and manage users, devices, and applications. They do it all easily via a common directory in the cloud, instead of through legacy, on-premises IT systems.

It is a self-managed server that secures access to your applications and APIs with OAuth 2.0 and OpenID Connect. It is OpenID Connect Certified and optimized for latency, high throughput, and low resource consumption.

OAuth is a protocol that aimed to provide a single secure recipe to manage authorizations. It is now used by almost every web application. However, 30+ different implementations coexist. OAuth.io fixes this massive problem by acting as a universal adapter, thanks to a robust API. With OAuth.io integrating OAuth takes minutes instead of hours or days.

It is an Identity Provider that can be used for web and apps. Users are authenticated by verifying access to an email address or a securely stored private key.

Satellizer is a simple to use, end-to-end, token-based authentication module for AngularJS with built-in support for Google, Facebook, LinkedIn, Twitter authentication providers, plus Email and Password sign-in method. You are not limited to the sign-in options above, in fact you can add any OAuth 1.0 or OAuth 2.0 provider by passing provider-specific information during the configuration step.

It is a customer-managed solution that can be deployed on premises or on any public cloud, such as AWS, Azure, or Google Cloud Platform. It provides users with secure access and single sign-on to all the virtual, SaaS and web applications they need to be productive.

It enables you to discover and access infrastructure (e.g. Kubernetes, databases). We help you connect an identity provider such as Okta or Azure active directory, and map users/groups with the permissions you set to your infrastructure.

Start selling to enterprise customers with just a few lines of code.

It provides auth, login, SSO, MFA, and is free for unlimited users. It provides secure, single-tenant, on-prem or private cloud identity, custom emails with localization, social logins, group-based auth and more.

It is a cloud native user management system. It provides user login and registration, multi-factor authentication, and user information storage with a headless API. It is fully configurable and supports a wide range of protocols such as Google Authenticator, and stores user information using JSON Schema.

It is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your applications via a web portal. It acts as a companion of reverse proxies like nginx, Traefik or HAProxy to let them know whether queries should pass through. Unauthenticated users are redirected to Authelia Sign-in portal instead.

It is an award-winning application written in native PHP that deals with authentication. It supports some other identity protocols and frameworks, such as Shibboleth 1.3, A-Select, CAS, OpenID, WS-Federation or OAuth, and is easily extendable, so you can develop your own modules if you like.

It is a comprehensive identity platform that makes it easy to build authentication into any stack or code base, so you can tailor it to fit your unique requirements and end user experience.

It allows you to manage user permissions and roles in a database.

Avoid dealing with OAuth logic in your code, and spend more time creating your product. Guardian reduces the OAuth footprint in your code to a single request. Built with modularity in mind, Guardian leverages plugins to handle OAuth flows, should you encounter a flow that Guardian doesn't handle, create a small flow plugin to do so and carry on. Guardian comes with 5 pre-made plugins that cover 99% of OAuth services.

It converts your passive OTP process to active push notification. It works like magic! When you use it's Chrome Extension, it will identify your visited website's OTP request and will send it to your mobile phone as a push notification. When you Accept that request on your phone, your code will be generated on your mobile phone and send it back to the Chrome Extension. That extension will put your OTP code to the OTP text box and will redirect you to the application automatically.

It is a platform enabling quick access to mobile and web apps with mobile phone number only. Enables apps' users to quickly access apps without the need for a one-time password (OTP). In addition to being fast, secure and flexible. It also provides the opportunity to choose a preferred messaging platform.

It provides you with all the features necessary to build great solutions, without the need of building the login and access management yourself.

It is a mechanism developed by Security Dynamics for performing two-factor authentication for a user to a network resource.

Add secure login and session management to your apps. It is optimized to add secure authentication for your users without compromising on user and developer experience. It is quick to implement and easy to customize.

It provides a quick, easy, and secure solution to connect anything to anything. The solution provides a persistent connection between on-premises or third-party cloud environments and the IBM Cloud®.

It lets you establish a central authorization layer for applications accessed by HTTPS, so you can use an application-level access control model instead of relying on network-level firewalls.

It is an enterprise federation server that enables user authentication and single sign-on. It serves as a global authentication authority that allows employees, customers and partners to securely access all the applications they need from any device.

It helps safeguard access to data and applications while maintaining simplicity for users. It provides additional security by requiring a second form of authentication and delivers strong authentication via a range of easy to use authentication methods. Users may or may not be challenged for MFA based on configuration decisions that an administrator makes.

It provides services which are key in creating effective security policy, strengthening security by ensuring only the right person at the right time can access your sensitive networks and data.

Simple, powerful authentication that you can integrate in minutes. Free your users from passwords with secure and frictionless one click sign up and sign in. Built from the ground up using the best in class security protocols available today.

Xkit manages the process of getting authorization to connect to your users' 3rd party SaaS apps so you can focus on building your integrations.