Authentication and Authorization

41 packages

Packages (41)

casbin

Authorization library that supports access control models like ACL, RBAC, and ABAC.

19,935 1,727

jwt-go

A full featured implementation of JSON Web Tokens (JWT). This library supports the parsing and verification as well as the generation and signing of JWTs.

8,964 425

spicedb

A Zanzibar-inspired database that enables fine-grained authorization.

6,532 373

goth

provides a simple, clean, and idiomatic way to use OAuth and OAuth2. Handles multiple providers out of the box.

6,486 630

oauth2

Successor of goauth2. Generic OAuth 2.0 package that comes with JWT, Google APIs, Compute Engine, and App Engine support.

5,823 1,042

keto

Open Source (Go) implementation of "Zanzibar: Google's Consistent, Global Authorization System". Ships gRPC, REST APIs, newSQL, and an easy and granular permission language. Supports ACL, RBAC, and other access models.

5,286 378

openfga

Implementation of fine-grained authorization based on the "Zanzibar: Google's Consistent, Global Authorization System" paper. Backed by [CNCF](https://www.cncf.io/).

4,908 374

authboss

Modular authentication system for the web. It tries to remove as much boilerplate and "hard things" as possible so that each time you start a new web project in Go, you can plug it in, configure it, and start building your app without having to build an authentication system each time.

4,166 220

scs

Session Manager for HTTP servers.

2,534 193

jwx

Go module implementing various JWx (JWA/JWE/JWK/JWS/JWT, otherwise known as JOSE) technologies.

2,336 192

gologin

chainable handlers for login with OAuth1 and OAuth2 authentication providers.

1,946 146

osin

Golang OAuth2 server library.

1,934 395

loginsrv

JWT login microservice with pluggable backends such as OAuth2 (Github), htpasswd, osiam.

1,929 147

oidc

Easy to use OpenID Connect client and server library written for Go and certified by the OpenID Foundation.

1,782 203

gorbac

provides a lightweight role-based access control (RBAC) implementation in Golang.

1,661 180

paseto

Golang implementation of Platform-Agnostic Security Tokens (PASETO).

931 38

jwt

Safe, simple, and fast JSON Web Tokens for Go.

688 47

go-guardian

Go-Guardian is a golang library that provides a simple, clean, and idiomatic way to create powerful modern API and web authentication that supports LDAP, Basic, Bearer token, and Certificate based authentication.

610 61

go-jose

Fairly complete implementation of the JOSE working group's JSON Web Token, JSON Web Signatures, and JSON Web Encryption specs.

490 109

jwt

Lightweight JSON Web Token (JWT) library.

361 24

jeff

Simple, flexible, secure, and idiomatic web session management with pluggable backends.

271 17

gosession

This is quick session for net/http in GoLang. This package is perhaps the best implementation of the session mechanism, or at least it tries to become one.

258 18

jwt-auth

JWT middleware for Golang http servers with many configuration options.

236 41

goiabada

An open-source authentication and authorization server supporting OAuth2 and OpenID Connect.

187 14

otpgen

Library to generate TOTP/HOTP codes.

142 12

sessionup

Simple, yet effective HTTP session management and identification package.

131 7

sjwt

Simple jwt generator and parser.

122 9

session

Go session management for web servers (including support for Google App Engine - GAE).

118 15

branca

branca token [specification implementation](https://github.com/tuupola/branca-spec) for Golang 1.15+.

96 8

securecookie

Efficient secure cookie encoding/decoding.

85 12

sessions

Dead simple, highly performant, highly customizable sessions service for go http servers.

79 11

otpgo

Time-Based One-Time Password (TOTP) and HMAC-Based One-Time Password (HOTP) library for Go.

77 10

scope

Easily Manage OAuth2 Scopes In Go.

42 8

authgate

A lightweight OAuth 2.0 Authorization Server supporting Device Authorization Grant ([RFC 8628](https://datatracker.ietf.org/doc/html/rfc8628)), Authorization Code Flow with PKCE ([RFC 6749](https://datatracker.ietf.org/doc/html/rfc6749) + [RFC 7636](https://datatracker.ietf.org/doc/html/rfc7636)), and Client Credentials Grant for machine-to-machine authentication.

40

go-iam

Developer-first Identity and Access Management system with a simple UI.

34 8

go-githubauth

Utilities for GitHub authentication: generate and use GitHub application and installation tokens.

28 6

cookiestxt

provides a parser of cookies.txt file format.

22 7

go-jwt

JWT authentication package providing access tokens and refresh tokens with fingerprinting, Redis storage, and automatic refresh capabilities.

17

permissions

Library for keeping track of users, login states, and permissions. Uses secure cookies and bcrypt.

12 1

x509proxy

Library to handle X509 proxy certificates.

7

go-jwt

A JWT (JSON Web Token) library for Go.

2