OpenApps
Authentik logo

Alternatives to Authentik

Authentik is an open-source Identity Provider focused on flexibility and versatility. It supports multiple authentication protocols and can serve as a self-hosted alternative to commercial solutions like Okta, Auth0, and Entra ID. Find open source and proprietary alternatives that serve similar purposes.

License:NOASSERTION
Stars:16,477
Difficulty:Medium
Pricing:Open-Core
Hosting:Hybrid

Self-hosted alternatives to Authentik

Open source projects that can replace Authentik:

Keycloak logo

Keycloak

27,578
Apache-2.0

Keycloak is a comprehensive open source identity and access management solution that enables organizations to secure modern applications and services with minimal effort. It provides built-in support for authentication, authorization, user management and more.

Key Features

  • Authentication Methods:

    • Username/password login
    • Social login providers
    • Two-factor authentication
    • Single sign-on (SSO)
    • Identity brokering
    • LDAP/Active Directory integration
    • Kerberos support

  • User Management:

    • Self-service registration
    • Password policies
    • User federation
    • Group management
    • Role-based access control
    • User attribute management

  • Security Features:

    • Fine-grained authorization
    • Session management
    • Brute force protection
    • Account security features
    • Token-based authentication
    • TLS support

  • Integration Capabilities:

    • OpenID Connect support
    • SAML 2.0 support
    • OAuth 2.0 flows
    • REST APIs
    • Multiple client adapters
    • Custom extensions

Who Should Use Keycloak

Keycloak is ideal for:

  • Organizations needing centralized authentication
  • Teams building modern applications
  • Enterprises requiring SSO capabilities
  • Projects needing social login integration
  • Deployments requiring strong security
  • Multi-tenant environments

Installation Requirements

  • Java Runtime Environment
  • Database (PostgreSQL recommended)
  • Reverse proxy (optional)
  • Docker support (optional)
  • Sufficient memory (min 512MB RAM)
Authelia logo

Authelia

24,063
Apache-2.0

Authelia is a comprehensive authentication and authorization server that provides single sign-on (SSO) and two-factor authentication for web applications. It integrates with reverse proxies to secure access to your services through a modern web portal.

Key Features

  • Authentication Methods:

    • Username/password authentication
    • Two-factor authentication (2FA)
    • WebAuthn/FIDO2 support
    • Time-based One-Time Passwords (TOTP)
    • Mobile push notifications via Duo
    • Passwordless authentication with Passkeys

  • Access Control:

    • Fine-grained access rules
    • Domain-based policies
    • User/group based restrictions
    • Network-level controls
    • One-factor vs two-factor policy options

  • Integration Capabilities:

    • OpenID Connect 1.0 provider
    • OAuth 2.0 support
    • Reverse proxy compatibility
    • LDAP integration
    • Multiple storage backends
    • REST API access

  • Security Features:

    • Brute force protection
    • Password reset with email verification
    • Session management
    • Secure cookie handling
    • TLS support
    • Security headers

Who Should Use Authelia

Authelia is ideal for:

  • Organizations requiring self-hosted authentication
  • Teams needing SSO capabilities
  • Environments requiring 2FA/MFA
  • Security-conscious deployments
  • Multi-service infrastructures
  • Privacy-focused implementations

Installation Requirements

  • Reverse proxy (nginx, Traefik, etc.)
  • Storage backend (SQL database)
  • SMTP server for notifications
  • Redis (optional, for high availability)
  • Docker (recommended)

More auth projects

Discover other open source projects in the auth category:

Casdoor
Casdoor
Casdoor is an open-source Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with a web UI supporting multiple authentication protocols including OAuth 2.0, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, and more.
authidentity
Stars
11,665
Relative Popularity
50
License
Apache-2.0
ZITADEL
ZITADEL
ZITADEL is an open-source identity and access management platform with built-in multi-tenancy, providing authentication, authorization, and user management capabilities. It offers both self-hosted and cloud options with features like SSO, OIDC, SAML, and passkey support.
authidentity
Stars
10,792
Relative Popularity
45
License
AGPL-3.0
Logto
Logto
Logto is a modern, open-source authentication infrastructure focused on SaaS and AI applications. It provides multi-tenancy, enterprise SSO, and RBAC capabilities while simplifying OIDC and OAuth 2.1 implementation.
authidentity
Stars
10,221
Relative Popularity
42
License
MPL-2.0
Pocket ID
Pocket ID
Pocket ID is a simple OIDC provider focused on passkey authentication, allowing users to securely access services without passwords. It provides a streamlined alternative to more complex identity providers.
authidentity
Stars
2,773
Relative Popularity
11
License
BSD-2-Clause
FusionAuth
FusionAuth
FusionAuth is a modern customer identity and access management (CIAM) platform that provides authentication, authorization, and user management capabilities. It offers flexible deployment options including self-hosted and cloud-hosted solutions.
authidentity
Stars
94
Relative Popularity
1
License
Proprietary

Showing 1-5 of 5 projects in auth

Explore by Category

authidentityoauth2ssosecurity

Find more projects in these tags