10+ Open-source Single-Sign On (SSO) and IAM Solutions

Single Sign-On (SSO) is a login service layer that allows users to sign in to multiple apps with a single login. Using SSO service to improve security, save the user from having to deal with multiple passwords, login sessions, and losing time.

In contrast, SSO "Single-Sign-On" is an authentication and authorization process through one login interface, designed to increase security issues, increase employee productivity, and improve customer experience.

It is the user first engagement layer for many FIM as IAM services.

As there are many commercial IAM and SSO services for the enterprise, we decided to provide you with a list of open-source alternatives.

In this list, we offer you the best open-source SSO in the market.

1- Authelia

Authelia is a free, open-source, self-hosted Single Sign-on (SSO) project for the enterprise. It features a fancy stylish login window, one-time password setup, pushes notifications, and more.

Authelia is our first pick for this list, because we have tested it, and published a snap review about it here.

GitHub - authelia/authelia: The Single Sign-On Multi-Factor portal for web apps

The Single Sign-On Multi-Factor portal for web apps - GitHub - authelia/authelia: The Single Sign-On Multi-Factor portal for web apps

GitHubauthelia

2- Keycloak

Keycloak is a free, open-source identity and access management system with highly configurable Single-Sign-On (SSO) support.

Keycloak offers built-in support for popular standard protocols like OpenID Connect, OAuth 2.0, and SAML 2.0.

Keycloak

Keycloak is an open source identity and access management solution

Keycloak Team

3- Gluu

Gluu Community Edition, is a free, open-source, self-hosted OAuth server, IAM with SSO implementation.

It follows open web standards to provide seamless IAM experiences for the enterprise.

Gluu supports SAML 2.0, OAuth 2.0, SCIM, LDAP, and Radius.

With Gluu, you can use it as IAM "identity and access management system", or as SSO "Single-Sign-On".

Gluu

Central authentication and authorization for web & mobile applications - Gluu

GitHub

4- lemonldap

LemonLDAP web-based Single-Sign On (SSO), and access management system is released as an open-source project.

Beyond it is basic functionalities, LemonLDAP offers a comprehensive session management system, rich authentication backend list (LDAP, Active Directory, SAML, Facebook, Twitter, LinkedIn, and OpenID connect), access log, and extensive identity manager.

LemonLDAP::NG - Web Single Sign On and Access Management Free Software

LemonLDAP::NG is a free software to provide WebSSO, Access Management and Identity Federation

Twitter

5- OWASP SSO

OWASP SSO is an open-source JavaScript application that offers a self-hosted SSO for web and hybrid mobile projects.

It requires Node.js to run the SSO-supported backend server and offers a Vue frontend source code, which you can download, configure, and deploy.

GitHub - OWASP/SSO_Project: OWASP Single Sign-On allows a secure-by-default self-hosted SSO experience, including phishing-proof two-factor authentication, using state-of-the-art security mechanisms.

OWASP Single Sign-On allows a secure-by-default self-hosted SSO experience, including phishing-proof two-factor authentication, using state-of-the-art security mechanisms. - GitHub - OWASP/SSO_Proj…

GitHubOWASP

6- OpenAM

If you are looking for a full-featured IAM system with SSO, then OpenAM is one of the best options that we can offer.

OpenAM features SSO, authentication, authorization, identity federation, and developer-friendly API.

It supports CDSSO (Cross-Domain Single Sign-On), SAML 2.0, OAuth 2.0, and OpenID Connect.

OpenAM is licensed and distributed under Common Development and Distribution License (CDDL).

GitHub - OpenIdentityPlatform/OpenAM: OpenAM is an open access management solution that includes Authentication, SSO, Authorization, Federation, Entitlements and Web Services Security.

OpenAM is an open access management solution that includes Authentication, SSO, Authorization, Federation, Entitlements and Web Services Security. - GitHub - OpenIdentityPlatform/OpenAM: OpenAM is…

GitHubOpenIdentityPlatform

7- Apereo CAS

Apereo CAS is an open-source enterprise-grade Single-Sign On system. It is the part of Central Authentication Service (CAS) project.

Apereo CAS offers out-of-the-box support for several protocols like CAS (v1, v2, and v3), SAML (1.0 and 2.0), OAuth (v2), OpenID, OpenID Connect, and more.

With Apereo CAS you can choose your preferred authentication method from JAAS, LDAP, RDBMS, Radius, JWT, and other technologies.

Apereo CAS supports multifactor authentication via Due, YubiKey, RSA, Google Authenticator, U2F, WebAuthen, and many other tools.

The project is built on top of Spring Boot and Spring Cloud.

GitHub - apereo/cas: Apereo CAS - Identity & Single Sign On for all earthlings and beyond.

Apereo CAS - Identity & Single Sign On for all earthlings and beyond. - GitHub - apereo/cas: Apereo CAS - Identity & Single Sign On for all earthlings and beyond.

GitHubapereo

8- IdentityServer

IdentityServer is a complete IAM "Identity and access management system" which uses OpenID Connect, and OAuth 2.0 framework on top of ASP.NET Core.

It offers a headless SSO through a developer-friendly API.

If you are looking for a certified and complaint system to OpenID Foundation, with .Net technologies, then IdentityServer is your answer.

IdentityServer is released under Apache 2.0 License.

IdentityServer

IdentityServer has 35 repositories available. Follow their code on GitHub.

GitHub

9- Jasny SSO

Jasny SSO is a simple, straightforward SSO solution for PHP projects. It is consisting of 3 parts: a client, a broker, and a server.

It can be installed and integrated with any PHP project.

GitHub - jasny/sso: Simple Single Sign-On for PHP

Simple Single Sign-On for PHP. Contribute to jasny/sso development by creating an account on GitHub.

GitHubjasny

10- S.S.Octopus  

This one is an open-source SSO project by Buzzfeed. It is written in Go and can be installed using prebuilt binary releases, or Docker.

SSO or S.S.Octopus is released under MIT license as an open-source project.

GitHub - buzzfeed/sso: sso, aka S.S.Octopus, aka octoboi, is a single sign-on solution for securing internal services

sso, aka S.S.Octopus, aka octoboi, is a single sign-on solution for securing internal services - GitHub - buzzfeed/sso: sso, aka S.S.Octopus, aka octoboi, is a single sign-on solution for securing…

GitHubbuzzfeed

11- ORY Hydra

ORY Hydra is an open-source OpenID Certified™ OpenID Connect and OAuth Provider written in Go. ORY Hydra is part of the ORY IAM ecosystem.

ORY offers a great set of subprojects to build a complete IDM for enterprise, and all in open-source.

GitHub - ory/hydra: OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.

OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Securi…

GitHubory

Wrapping up

Single-Sign On is a trending requirement for the enterprise. It provides better security, boosts productivity, and improves user experience.

We covered all possible open-source SSO solutions, and we are keeping this post as an evergreen article, by adding new findings. So, we recommend saving this page to your bookmark if you are interested in this topic.

10 Open-source Identity and Access Management IAM Systems for the Enterprise

Identity and Access Management (IAM), is a collective term that covers: User identity, rules, and authentication management software and access management policies and p

MEDevelopment: Open-source medical and enterprise softwareHamza Musa