OpenApps
OAuth2 Proxy

OAuth2 Proxy

GitHubWebsite

OAuth2 Proxy is a flexible, open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing reverse proxy or load balancer setups. It provides a simple and secure way to protect web applications with OAuth2/OIDC authentication by intercepting requests and redirecting users to OAuth2 providers for authentication.

Similar self-hosted alternatives:
AutheliaAutheliaPomeriumPomeriumJauthJauth
Repository activity:
Stars
11,239
Forks
1,719
Watchers
88
Open Issues
226
Last commit
8 days ago
Details:
Estimated Popularity
49
Pricing Model
Free
Hosting Type
Self-Hosted
License
MIT
Deployment Difficulty
Medium
Language
Go

OAuth2 Proxy is a versatile authentication solution that brings OAuth2 and OpenID Connect authentication to web applications. Whether deployed as a standalone reverse proxy or integrated as middleware, it provides secure, standardized authentication while supporting a wide range of identity providers and deployment scenarios.

Key Features

  • Comprehensive OAuth2/OIDC Support:

    • Full OAuth2 and OpenID Connect implementation
    • Support for authorization code flow
    • Token validation and refresh
    • Secure session management
    • PKCE (Proof Key for Code Exchange) support
    • JWT token handling

  • Multiple Identity Provider Support:

    • Google OAuth integration
    • Microsoft Entra ID (Azure AD) support
    • GitHub OAuth authentication
    • Generic OIDC provider support
    • login.gov integration
    • Custom provider implementations

  • Flexible Deployment Options:

    • Standalone reverse proxy mode
    • Middleware integration mode
    • Kubernetes ingress controller integration
    • Docker container deployment
    • Load balancer integration
    • Cloud-native architecture

  • Advanced Authorization:

    • Email-based access control
    • Group and role-based authorization
    • Domain and organization restrictions
    • Custom authorization policies
    • Fine-grained permission control
    • Dynamic user validation

  • Security Features:

    • Secure HTTP-only cookie management
    • CSRF protection mechanisms
    • TLS/SSL encryption support
    • Token encryption and signing
    • Session timeout management
    • Security header injection

  • Request Processing:

    • HTTP header injection with user details
    • Username and group forwarding
    • Custom header configuration
    • Request path routing
    • Upstream service protection
    • API endpoint security

  • Enterprise Features:

    • High availability support
    • Horizontal scaling capabilities
    • Comprehensive logging
    • Metrics and monitoring
    • Health check endpoints
    • Configuration management

Technical Specifications

  • Language: Go
  • Protocols: HTTP/1.1, HTTP/2, HTTPS, OAuth2, OIDC
  • Platforms: Linux, Windows, macOS, Docker, Kubernetes
  • License: MIT
  • Package Formats: Binary, Docker, Helm charts
  • Configuration: Command-line flags, environment variables, config files

Use Cases

  • Web Application Protection: Securing web applications with OAuth2 authentication
  • API Gateway Security: Protecting API endpoints with token validation
  • Microservices Authentication: Centralized auth for microservice architectures
  • Enterprise SSO: Single sign-on integration with corporate identity providers
  • Development Environments: Secure access to development and staging services
  • Multi-tenant Applications: Tenant-specific authentication and authorization

Unique Advantages

  • Provider Flexibility: Support for multiple OAuth2 and OIDC providers
  • Deployment Versatility: Works as standalone proxy or integrated middleware
  • Enterprise Ready: Battle-tested with high availability and scaling features
  • Community Driven: Active open-source community with regular updates
  • Standards Compliant: Full OAuth2 and OIDC specification compliance
  • Easy Integration: Simple integration with existing infrastructure

Based on the OAuth2 Proxy GitHub repository, this tool provides organizations with a robust, flexible authentication solution that can be easily integrated into existing infrastructure while supporting modern OAuth2 and OpenID Connect standards, making it ideal for securing web applications and APIs in both cloud and on-premises environments.

Help improve this content

Found an error or want to add more information about OAuth2 Proxy? You can edit this page directly on GitHub.

Related Projects

Similar projects based on shared tags

reverse-proxyoauth2authentication+2 more
Keycloak
Keycloak
Keycloak is an open source identity and access management solution providing features like single sign-on, identity brokering and social login, user federation, strong authentication, and fine-grained authorization.
authidentity
Stars
27,573
Relative Popularity
128
Authelia
Authelia
Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for your applications via a web portal. It acts as a companion for reverse proxies.
authidentity
Stars
24,062
Relative Popularity
99
SafeLine
SafeLine
SafeLine is a web application firewall and reverse proxy designed to protect web applications from attacks and exploits. It provides comprehensive security features including threat detection, attack prevention, and real-time monitoring with easy deployment through Docker.
wafsecurity
Stars
16,702
Relative Popularity
69
Explore More Projects

Project Categories

reverse-proxyoauth2authenticationoidcsecurity

Click on a category to explore similar projects