... | ... | @@ -2305,12 +2305,13 @@ we're aware of: |
|
|
|------------------|---------------------------------------------------------------------------------------------------|-------------------------------------------------------|
|
|
|
| [Authelia][] | SSO, 2FA/webauthn, OIDC, LDAP, rate-limiting, password reset, HA, Go/React | |
|
|
|
| [Authentik][] | SSO, 2FA/webauthn, OIDC, LDAP, Radius, proxy, metrics, Python/TypScript | sponsored by DigitalOcean |
|
|
|
| [Dex][] | SSO, OIDC, LDAP, SAML, Oauth 2 | |
|
|
|
| [FreeIPA][] | SSO, LDAP, DNS, web/CLI UI, C? | built on top of 389 DS (Fedora LDAP server) |
|
|
|
| [A/I id][] | SSO, LDAP, 2FA/webauthn, SASL, PAM, Proxy, SQLite, rate-limiting | |
|
|
|
| [Kanidm][] | SSO, 2FA, OIDC, LDAP, Radius, SSH, PAM + offline support, web/CLI UI, Rust | |
|
|
|
| [Keycloak][] | SSO, 2FA, OIDC, OAuth 2, LDAP, SAML 2, Kerberos, SQL, web UI, HA/clustering, Java | [possibly no Webauthn support][], sponsored by RedHat |
|
|
|
| [LemonLDAP-ng][] | SSO, 2FA/webauthn, OIDC, LDAP, SAML, Kerberos, SQL, Perl | [packaged in Debian][] |
|
|
|
| [ory.sh][] | SSO, 2FA/webauthn, OIDC, OAuth 2, multi-tenant, account verification, password resets, HA, Golang | complicated, no LDAP |
|
|
|
| [ory.sh][] | SSO, 2FA/webauthn, OIDC, OAuth 2, multi-tenant, account verification, password resets, HA, Golang | complicated, no LDAP |
|
|
|
|
|
|
See also [mod_auth_openidc](https://github.com/OpenIDC/mod_auth_openidc) for an Apache module supporting OIDC.
|
|
|
|
... | ... | @@ -2327,6 +2328,7 @@ swap ud-ldap out if we need to, replacing bits of it as we go. |
|
|
[possibly no Webauthn support]: https://github.com/keycloak/keycloak-community/blob/main/design/web-authn-two-factor.md
|
|
|
[A/I id]: https://git.autistici.org/id
|
|
|
[ory.sh]: https://www.ory.sh/
|
|
|
[Dex]: https://dexidp.io/
|
|
|
|
|
|
#### Keycloak
|
|
|
|
... | ... | |