#Authorization
Showing 60 of 152 repositories tagged #authorization, ranked by stars
The authentication glue you need.
Apache Casbin: an authorization library that supports access control models like ACL, RBAC, ABAC.
Internet-scale OpenID Certifiedโข OpenID Connect and OAuth2.1 provider that integrates with your user management through headless APIs. Solve OIDC/OAuth2 user cases over night. Consume as a service on Ory Network or self-host. Trusted by OpenAI and many others for scale and security. Written in Go.
ZITADEL - Identity infrastructure, simplified forย you.
๐งโ๐ Authentication and authorization infrastructure for SaaS and AI apps, built on OIDC and OAuth 2.1 with multi-tenancy, SSO, and RBAC.
Open Policy Agent (OPA) is an open source, general-purpose policy engine.
Expose your FastAPI endpoints as Model Context Protocol (MCP) tools, with Auth!
Open Source, Google Zanzibar-inspired database for scalably storing and querying fine-grained authorization data
The user infrastructure platform. You choose the frontend, backend, and database. Hexclave handles everything else.
An open-source authorization as a service inspired by Google Zanzibar, designed to build and manage fine-grained and scalable authorization systems for any application. โ Permify is now part of FusionAuth ๐
Policy and data administration, distribution, and real-time updates on top of Policy Agents (OPA, Cedar, ...)
A high performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar
The Developer Platform for Modern APIs
The most scalable and customizable permission server on the market. Fix your slow or broken permission system with Google's proven "Zanzibar" approach. Supports ACL, RBAC, and more. Written in Go, cloud native, headless, API-first. Available as a service on Ory Network and for self-hosters.
Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications โ at massive scale.
A binary authorization and monitoring system for macOS
Cerbos is the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and manage by writing context-aware access control policies for your application resources.
An unified permissions API for React Native on iOS, Android and Windows.
ไผไธ็บง็ Go ่ฏญ่จๅฎๆ้กน็ฎ๏ผ่ฎค่ฏๅๆๆ็ณป็ป๏ผๅธฆ้ ๅฅ่ฏพ็จ๏ผ
Laravel Eloquent roles and abilities.
A generic, spec-compliant, thorough implementation of the OAuth request-signing logic
Modern data layer for TypeScript apps - type-safe ORM, built-in access control, automatic query services
Extensible security first OAuth 2.0 and OpenID Connect SDK for Go.
Python Client for Supabase. Query Postgres from Flask, Django, FastAPI. Python user authentication, security policies, edge functions, file storage, and realtime data streaming. Good first issue.
Security engine for Java (authentication, authorization, multi frameworks): OpenID Connect, SAML2, CAS, OAuth, LDAP, JWT...
A JWT based API for managing users and issuing JWT tokens
Role and Attribute based Access Control for Node.js
๐ Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. ๐ Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. ๐ Authorization with JWT/PASETO tokens. ๐
๐ oauth2 - A Ruby wrapper for the OAuth 2.0, & 2.1 Authorization Frameworks, including OpenID Connect (OIDC)
Your data, your control. Fully open source, authentication and authorization. No lock-ins. Deployment in Railway in 120 seconds || Spin a docker image as a micro-service in your infra. Built in login page and Admin panel out of the box.
Full Stack Polls App built using Spring Boot, Spring Security, JWT, React, and Ant Design
A Kubernetes operator that simplifies the management of Role Bindings and Service Accounts.
A framework agnostic authentication & authorization system.
Proactive, Open source API security โ API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure
A tool to scan Kubernetes cluster for risky permissions
Review Access - kubectl plugin to show an access matrix for k8s server resources
Cloud-native authorization for modern applications and APIs
An authorization library that supports access control models like ACL, RBAC, ABAC in PHP .
StarHackIt: React/Native/Node fullstack starter kit with authentication and authorisation, data backed by SQL, the infrastructure deployed with GruCloud
Authentication for PHP. Simple, lightweight and secure.
CasOS: a cloud operating system built on Kubernetes, Live Demo: https://demo.casos.net
Ready-to-use and customizable Authentications and Oauth2 management for FastAPI โจ
Autogenerate RBAC policies based on Kubernetes audit logs
Rapid7 | insightCloudSec | Kubernetes RBAC Power Toys - Visualize, Analyze, Generate & Query
:gem: Frontend access control framework based Vue
๐ชช User identification, authentication, and authorization for Axum.
Easily find roles and cluster roles attached to any user, service account, or group name in your Kubernetes cluster
casๅ็น็ปๅฝ็ณป็ป๏ผๅ ถไธญๅ ๆฌcas่ฎค่ฏๆๅก๏ผ้ ็ฝฎไธญๅฟ๏ผ็ๆงๅนณๅฐ๏ผๆๅก็ฎก็็้ซๅฏ็จ้กน็ฎ
Open Security Controls Assessment Language (OSCAL)
Python Social Auth - Core
Production-Ready MCP Server Framework โข Build, deploy & scale secure AI agent infrastructure โข Includes Auth, Observability, Debugger, Telemetry & Runtime โข Run real-world MCPs powering AI Agents
FastAPI extension that provides JWT Auth support (secure, easy to use, and lightweight)
An opinionated backend framework based on NestJS. Get your CRUD app up and running in no time! โ๏ธ๐
Low-Level OAuth 2 / OpenID Connect Client API for JavaScript Runtimes
GORM adapter for Casbin, see extended version of GORM Adapter Ex at: https://github.com/casbin/gorm-adapter-ex
Passwordless Auth for Django REST Framework
OpenID Connect Code Flow PKCE / Implicit Flow with Angular and ASP.NET Core 6 IdentityServer4
A binary and file access authorization system for macOS.
A boilerplate for Node.js apps / Rest API / Authentication from scratch - express, mongodb (mongoose). Typescript
๐งฟ AutorizeProๆฏไธๆฌพๅผบๅคง่ถๆๆฃๆต Burp ๆไปถ๏ผ้่ฟๅขๅ AI ่พ ๅฉๅๆ && ่ฟไธๆญฅไผๅๆฃๆต้ป่พ๏ผๅคงๅน ้ไฝ่ฏฏๆฅ็๏ผๆๅ่ถๆๆผๆดๆฃๅบๆ็ใ [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it significantly reduces the false positive rate and improves the efficiency of vulnerability detection.