Latest Version Github Repo Stars Open Source Helpers badge Go Report Go Coverage golangci-lint
π‘ VigiloAuth is under active development and already supports core OAuth2 and OIDC flows, with more on the way!
βοΈ Apache 2.0 License: This server is free and open source, developed for community use and OIDF certification.
π¬ Join the Conversation: We're gathering feedback and ideas in the discussion threads. Come share your thoughts!
π» The Admin UI can be found here
VigiloAuth is designed to simplify the implementation of OAuth 2.0 and OpenID Connect (OIDC) authentication servers. Whether you need a full-fledged authentication server, an identity server, or both, VigiloAuth provides compliant endpoints that you can easily integrate into your application without writing any complex code.
With VigiloAuth, you can quickly set up secure authentication and identity management solutions for your application, allowing users to authenticate and easily manage their identities. VigiloAuth comes pre-configured with common authentication flows and identity management endpoints, saving you time and effort while making sure that your system complies with industry standards.
Whether you are building a simple app or a complex enterprise system, VigiloAuth provides a solid foundation for handling authentication and identity management with minimal effort.
- β User Registration
- β User Email Verification
- β Basic User Authentication
- β OAuth User Authentication
- β Authorization Code Flow
- β Authorization Code Flow With PKCE
- β Resource Owner Password Credentials Flow
- β Client Credentials Flow
- β Dynamic Client Registration
- β Audit Logging
- β Docker Server Instance
- β Token Refresh
- β Token Introspection
- β Token Revocation
- β OIDC UserInfo Endpoint
- β OIDC Discovery Endpoint
- β OIDC JSON Web Key Set Endpoint
- β In Memory Storage
- π οΈ Realm Support
- π οΈ Phone Number Verification
- π οΈ Password Recovery
- π οΈ User Profile Management
- π οΈ Role-Based Access Control (RBAC)
- π οΈ Scope-Based Access Control
- π οΈ User Consent Management
- π οΈ Time-Based OTP Authentication
- π οΈ Backup Recovery Codes
- π οΈ Implicit Grant Flow
- π οΈ OIDC Hybrid Flow
- π οΈ Device Authorization Grant
- π οΈ Back Channel Authentication Flow
- π οΈ Social Login Integration Hooks
- π οΈ Dynamic Database Configuration
- π οΈ UI for User Authentication
You can find the list of our currently passing conformance tests here.
Comprehensive documentation is available in the User Guide.
We welcome contributions to improve VigiloAuth! Follow the steps below to ensure a smooth contribution process.
If you're a first-time contributor, check out our Good First Issues.
If you have found a security vulnerability, please follow our instructions on how to properly report it.
- Fork the Repository: Create your own fork on GitHub.
- Clone Your Fork: Clone it to your local development environment.
- Create a Branch: Create a new branch from
master(e.g.,feature/my-feature). - Make Your Changes: Implement your changes in alignment with project goals.
- Write Tests: Add or update tests to cover your changes.
- Commit Your Changes: Use Conventional Commits (see below).
- Push Your Changes: Push your branch to your GitHub fork.
- Open a Pull Request: Submit a PR to the main repository and clearly describe your changes.
We follow the Conventional Commit standards to ensure clear and meaningful commit messages. Use the format:
<type>[optional scope]: <description>
[optional body]
[optional footer(s)]
breaking: Introduce a breaking change that may require users to modify their code or dependencies.feat: Add a new feature that enhances the functionality of the project.fix: Apply a bug fix that resolves an issue without affecting functionality.task: Add or modify internal functionality that supports the codebase but doesn't introduce a new feature or fix a bug (e.g., utility methods, service logic, or internal improvements).docs: Update documentation, such as fixing typos or adding new information.style: Changes that donβt affect the codeβs behavior, like formatting or code style adjustments.refactor: Refactor code without adding features or fixing bugs.test: Add or modify tests.chore: Miscellaneous changes like updates to build tools or dependencies.
For more information about contributing, please read our contribution guide
To get started with VigiloAuth, follow this minimal example:
1. Create a vigilo.yaml configuration file
log_level: debug server_config: port: 8080 session_cookie_name: vigilo-session domain: auth.example.com force_https: true read_timeout: 30 write_timeout: 30
2. Create a .env file for secrets
SMTP_USERNAME=your_smtp_user SMTP_FROM_ADDRESS=auth@yourdomain.com SMTP_PASSWORD=your_smtp_password TOKEN_ISSUER=auth.yourdomain.com TOKEN_PRIVATE_KEY=base64_encoded_private_key TOKEN_PUBLIC_KEY=base64_encoded_public_key
3. Create a docker-compose.yaml file
version: '3.9' services: vigilo-auth: image: vigiloauth/server:latest container_name: vigilo-auth ports: - "8080:8080" volumes: - ./vigilo.yaml:/app/vigilo.yaml environment: VIGILO_CONFIG_PATH: /app/vigilo.yaml SMTP_USERNAME: ${SMTP_USERNAME} SMTP_FROM_ADDRESS: ${SMTP_FROM_ADDRESS} SMTP_PASSWORD: ${SMTP_PASSWORD} TOKEN_ISSUER: ${TOKEN_ISSUER} TOKEN_PRIVATE_KEY: ${TOKEN_PRIVATE_KEY} TOKEN_PUBLIC_KEY: ${TOKEN_PUBLIC_KEY}
4. Run the server
docker-compose up
For the full configuration guide and how to include the Admin-UI, refer to the User Guide
Copyright 2024 Olivier PimparΓ©-Charbonneau
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.