... | ... | @@ -2301,18 +2301,18 @@ individually. |
|
|
Here's a list of the possible applications that could do this that
|
|
|
we're aware of:
|
|
|
|
|
|
| Application | MFA | webauthn | OIDC | OAuth2 | SAML | SCIM | LDAP | Radius | Notes |
|
|
|
|------------------|-----|----------|------|--------|------|------|------|--------|------------------------------------------------------------------------------|
|
|
|
| [Authelia][] | 2FA | ✓ | ✓ | x | x | x | ✓ | x | rate-limiting, password reset, HA, Go/React |
|
|
|
| [Authentik][] | 2FA | ✓ | ✓ | x | x | x | ✓ | ✓ | proxy, metrics, Python/TypScript, sponsored by DigitalOcean |
|
|
|
| [Casdoor][] | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | CAS, sponsored by Stytch, widely used |
|
|
|
| [Dex][] | x | x | ✓ | ✓ | ✓ | x | ✓ | x | |
|
|
|
| [FreeIPA][] | x | x | x | x | x | x | ✓ | x | DNS, web/CLI UI, C?, built on top of 389 DS (Fedora LDAP server) |
|
|
|
| [A/I id][] | 2FA | ✓ | x | x | x | x | ✓ | x | SASL, PAM, Proxy, SQLite, rate-limiting |
|
|
|
| [Kanidm][] | 2FA | x | ✓ | x | x | x | ✓ | ✓ | SSH, PAM + offline support, web/CLI UI, Rust |
|
|
|
| [Keycloak][] | 2FA | [x][w3c] | ✓ | ✓ | 2 | x | ✓ | x | Kerberos, SQL, web UI, HA/clustering, Java, sponsored by RedHat |
|
|
|
| [LemonLDAP-ng][] | 2FA | ✓ | ✓ | x | ✓ | x | ✓ | x | Kerberos, SQL, Perl, [packaged in Debian][] |
|
|
|
| [ory.sh][] | 2FA | ✓ | ✓ | ✓ | x | x | x | x | multi-tenant, account verification, password resets, HA, Golang, complicated |
|
|
|
| Application | MFA | webauthn | OIDC | SAML | SCIM | LDAP | Radius | Notes |
|
|
|
|------------------|-----|----------|------|------|------|------|--------|------------------------------------------------------------------------------|
|
|
|
| [Authelia][] | 2FA | ✓ | ✓ | ✗ | ✗ | ✓ | ✗ | rate-limiting, password reset, HA, Go/React |
|
|
|
| [Authentik][] | 2FA | ✓ | ✓ | ✗ | ✗ | ✓ | ✓ | proxy, metrics, Python/TypScript, sponsored by DigitalOcean |
|
|
|
| [Casdoor][] | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | CAS, sponsored by Stytch, widely used |
|
|
|
| [Dex][] | ✗ | ✗ | ✓ | ✓ | ✗ | ✓ | ✗ | |
|
|
|
| [FreeIPA][] | ✗ | ✗ | ✗ | ✗ | ✗ | ✓ | ✗ | DNS, web/CLI UI, C?, built on top of 389 DS (Fedora LDAP server) |
|
|
|
| [A/I id][] | 2FA | ✓ | ✗ | ✗ | ✗ | ✓ | ✗ | SASL, PAM, Proxy, SQLite, rate-limiting |
|
|
|
| [Kanidm][] | 2FA | ✗ | ✓ | ✗ | ✗ | ✓ | ✓ | SSH, PAM + offline support, web/CLI UI, Rust |
|
|
|
| [Keycloak][] | 2FA | [✗][w3c] | ✓ | 2 | ✗ | ✓ | ✗ | Kerberos, SQL, web UI, HA/clustering, Java, sponsored by RedHat |
|
|
|
| [LemonLDAP-ng][] | 2FA | ✓ | ✓ | ✓ | ✗ | ✓ | ✗ | Kerberos, SQL, Perl, [packaged in Debian][] |
|
|
|
| [ory.sh][] | 2FA | ✓ | ✓ | ✗ | ✗ | ✗ | ✗ | multi-tenant, account verification, password resets, HA, Golang, complicated |
|
|
|
|
|
|
See also [mod_auth_openidc](https://github.com/OpenIDC/mod_auth_openidc) for an Apache module supporting OIDC.
|
|
|
|
... | ... | |