Authentication and Authorization - Go Libraries & Packages

Packages (39)

casbin

Authorization library that supports access control models like ACL, RBAC, and ABAC.

19,798 1,720

jwt-go

A full featured implementation of JSON Web Tokens (JWT). This library supports the parsing and verification as well as the generation and signing of JWTs.

8,881 427

goth

provides a simple, clean, and idiomatic way to use OAuth and OAuth2. Handles multiple providers out of the box.

6,435 626

spicedb

A Zanzibar-inspired database that enables fine-grained authorization.

6,401 366

oauth2

Successor of goauth2. Generic OAuth 2.0 package that comes with JWT, Google APIs, Compute Engine, and App Engine support.

5,813 1,043

Open Source (Go) implementation of "Zanzibar: Google's Consistent, Global Authorization System". Ships gRPC, REST APIs, newSQL, and an easy and granular permission language. Supports ACL, RBAC, and other access models.

5,262 376

openfga

Implementation of fine-grained authorization based on the "Zanzibar: Google's Consistent, Global Authorization System" paper. Backed by [CNCF](https://www.cncf.io/).

4,699 349

authboss

Modular authentication system for the web. It tries to remove as much boilerplate and "hard things" as possible so that each time you start a new web project in Go, you can plug it in, configure it, and start building your app without having to build an authentication system each time.

4,144 222

scs

Session Manager for HTTP servers.

2,516 192

jwx

Go module implementing various JWx (JWA/JWE/JWK/JWS/JWT, otherwise known as JOSE) technologies.

2,309 191

gologin

chainable handlers for login with OAuth1 and OAuth2 authentication providers.

1,945 146

osin

Golang OAuth2 server library.

1,935 396

loginsrv

JWT login microservice with pluggable backends such as OAuth2 (Github), htpasswd, osiam.

1,927 147

oidc

Easy to use OpenID Connect client and server library written for Go and certified by the OpenID Foundation.

1,759 198

gorbac

provides a lightweight role-based access control (RBAC) implementation in Golang.

1,657 180

paseto

Golang implementation of Platform-Agnostic Security Tokens (PASETO).

932 38

jwt

Safe, simple, and fast JSON Web Tokens for Go.

687 47

go-guardian

Go-Guardian is a golang library that provides a simple, clean, and idiomatic way to create powerful modern API and web authentication that supports LDAP, Basic, Bearer token, and Certificate based authentication.

606 61

go-jose

Fairly complete implementation of the JOSE working group's JSON Web Token, JSON Web Signatures, and JSON Web Encryption specs.

478 106

jwt

Lightweight JSON Web Token (JWT) library.

362 24

jeff

Simple, flexible, secure, and idiomatic web session management with pluggable backends.

270 17

gosession

This is quick session for net/http in GoLang. This package is perhaps the best implementation of the session mechanism, or at least it tries to become one.

258 18

jwt-auth

JWT middleware for Golang http servers with many configuration options.

237 41

goiabada

An open-source authentication and authorization server supporting OAuth2 and OpenID Connect.

183 13

otpgen

Library to generate TOTP/HOTP codes.

142 12

sessionup

Simple, yet effective HTTP session management and identification package.

130 7

sjwt

Simple jwt generator and parser.

122 9

session

Go session management for web servers (including support for Google App Engine - GAE).

118 15

branca

branca token [specification implementation](https://github.com/tuupola/branca-spec) for Golang 1.15+.

95 8

securecookie

Efficient secure cookie encoding/decoding.

84 12

sessions

Dead simple, highly performant, highly customizable sessions service for go http servers.

79 11

otpgo

Time-Based One-Time Password (TOTP) and HMAC-Based One-Time Password (HOTP) library for Go.

76 10

scope

Easily Manage OAuth2 Scopes In Go.

42 8

go-iam

Developer-first Identity and Access Management system with a simple UI.

34 5

go-githubauth

Utilities for GitHub authentication: generate and use GitHub application and installation tokens.

26 4

cookiestxt

provides a parser of cookies.txt file format.

22 7

go-jwt

JWT authentication package providing access tokens and refresh tokens with fingerprinting, Redis storage, and automatic refresh capabilities.

permissions

Library for keeping track of users, login states, and permissions. Uses secure cookies and bcrypt.

12 1

x509proxy

Library to handle X509 proxy certificates.