π‘ VigiloAuth is under active development and already supports core OAuth2 and OIDC flows, with more on the way!
βοΈ Apache 2.0 License: This server is free and open source, developed for community use and OIDF certification.
π¬ Join the Conversation: We're gathering feedback and ideas in the discussion threads. Come share your thoughts!
π» The Admin UI can be found here
VigiloAuth is designed to simplify the implementation of OAuth 2.0 and OpenID Connect (OIDC) authentication servers. Whether you need a full-fledged authentication server, an identity server, or both, VigiloAuth provides compliant endpoints that you can easily integrate into your application without writing any complex code.
With VigiloAuth, you can quickly set up secure authentication and identity management solutions for your application, allowing users to authenticate and easily manage their identities. VigiloAuth comes pre-configured with common authentication flows and identity management endpoints, saving you time and effort while making sure that your system complies with industry standards.
Whether you are building a simple app or a complex enterprise system, VigiloAuth provides a solid foundation for handling authentication and identity management with minimal effort.
- β User Registration
- β User Email Verification
- β Basic User Authentication
- β OAuth User Authentication
- β Authorization Code Flow
- β Authorization Code Flow With PKCE
- β Resource Owner Password Credentials Flow
- β Client Credentials Flow
- β Dynamic Client Registration
- β Audit Logging
- β Docker Server Instance
- β Token Refresh
- β Token Introspection
- β Token Revocation
- β OIDC UserInfo Endpoint
- β OIDC Discovery Endpoint
- β OIDC JSON Web Key Set Endpoint
- β In Memory Storage
- π οΈ Realm Support
- π οΈ Phone Number Verification
- π οΈ Password Recovery
- π οΈ User Profile Management
- π οΈ Role-Based Access Control (RBAC)
- π οΈ Scope-Based Access Control
- π οΈ User Consent Management
- π οΈ Time-Based OTP Authentication
- π οΈ Backup Recovery Codes
- π οΈ Implicit Grant Flow
- π οΈ OIDC Hybrid Flow
- π οΈ Device Authorization Grant
- π οΈ Back Channel Authentication Flow
- π οΈ Social Login Integration Hooks
- π οΈ Dynamic Database Configuration
- π οΈ UI for User Authentication
You can find the list of our currently passing conformance tests here.
Comprehensive documentation is available in the User Guide.
We welcome contributions to improve VigiloAuth! Follow the steps below to ensure a smooth contribution process.
If you're a first-time contributor, check out our Good First Issues.
- Fork the Repository: Create your own fork on GitHub.
- Clone Your Fork: Clone it to your local development environment.
- Create a Branch: Create a new branch from
master(e.g.,feature/my-feature). - Make Your Changes: Implement your changes in alignment with project goals.
- Write Tests: Add or update tests to cover your changes.
- Commit Your Changes: Use Conventional Commits (see below).
- Push Your Changes: Push your branch to your GitHub fork.
- Open a Pull Request: Submit a PR to the main repository and clearly describe your changes.
We follow the Conventional Commit standards to ensure clear and meaningful commit messages. Use the format:
<type>[optional scope]: <description>
[optional body]
[optional footer(s)]
breaking: Introduce a breaking change that may require users to modify their code or dependencies.feat: Add a new feature that enhances the functionality of the project.fix: Apply a bug fix that resolves an issue without affecting functionality.task: Add or modify internal functionality that supports the codebase but doesn't introduce a new feature or fix a bug (e.g., utility methods, service logic, or internal improvements).docs: Update documentation, such as fixing typos or adding new information.style: Changes that donβt affect the codeβs behavior, like formatting or code style adjustments.refactor: Refactor code without adding features or fixing bugs.test: Add or modify tests.chore: Miscellaneous changes like updates to build tools or dependencies.
For more information about contributing, please read our contribution guide
Copyright 2024 Olivier PimparΓ©-Charbonneau
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.