All Projects → babelouest → Glewlwyd

babelouest / Glewlwyd

Licence: gpl-3.0
Single Sign On server, OAuth2, Openid Connect, multiple factor authentication with, HOTP/TOTP, FIDO2, TLS Certificates, etc. extensible via plugins

Programming Languages

50402 projects - #5 most used programming language

Projects that are alternatives of or similar to Glewlwyd

multiOTP open source strong two factor authentication PHP library, OATH certified, with TOTP, HOTP, Mobile-OTP, YubiKey, SMS, QRcode provisioning, etc.
Stars: ✭ 173 (-40.75%)
Mutual labels:  ldap, otp, totp, yubikey, hotp
multiOTP Credential Provider is a V2 Credential Provider for Windows 7/8/8.1/10/2012(R2)/2016 with options like RDP only and UPN name support
Stars: ✭ 121 (-58.56%)
Mutual labels:  ldap, otp, yubikey, totp, hotp
Nginx Sso
SSO authentication provider for the auth_request nginx module
Stars: ✭ 195 (-33.22%)
Mutual labels:  ldap, oauth2, totp, yubikey
The Single Sign-On Multi-Factor portal for web apps
Stars: ✭ 11,094 (+3699.32%)
Mutual labels:  ldap, totp, yubikey
Highly secure and easy to use OTP client written in C/GTK that supports both TOTP and HOTP
Stars: ✭ 206 (-29.45%)
Mutual labels:  otp, totp, hotp
Enhanced fork of FreeOTP-Android providing a feature-rich 2FA authenticator
Stars: ✭ 223 (-23.63%)
Mutual labels:  otp, totp, hotp
One Time Password (HOTP/TOTP) library for Node.js, Deno and browsers.
Stars: ✭ 135 (-53.77%)
Mutual labels:  otp, totp, hotp
Go Guardian
Go-Guardian is a golang library that provides a simple, clean, and idiomatic way to create powerful modern API and web authentication.
Stars: ✭ 204 (-30.14%)
Mutual labels:  ldap, totp, hotp
CrOTP - One Time Passwords for Crystal
Stars: ✭ 62 (-78.77%)
Mutual labels:  otp, totp, hotp
iOS, watchOS, & macOS One-Time Password client
Stars: ✭ 14 (-95.21%)
Mutual labels:  otp, totp, hotp
A Web app to manage your Two-Factor Authentication (2FA) accounts and generate their security codes
Stars: ✭ 664 (+127.4%)
Mutual labels:  otp, totp, hotp
HMAC-based (HOTP) and Time-based (TOTP) One-Time Password manager. Works with Google Authenticator for Two-Factor Authentication.
Stars: ✭ 79 (-72.95%)
Mutual labels:  otp, totp, hotp
HOTP and TOTP token generation
Stars: ✭ 33 (-88.7%)
Mutual labels:  otp, totp, hotp
A free, secure and open source app for Android to manage your 2-step verification tokens.
Stars: ✭ 2,692 (+821.92%)
Mutual labels:  otp, totp, hotp
🔑 A small library for generating TOTP and HOTP one-time passwords on iOS.
Stars: ✭ 243 (-16.78%)
Mutual labels:  otp, totp, hotp
Yubikey Manager Qt
Cross-platform application for configuring any YubiKey over all USB interfaces.
Stars: ✭ 137 (-53.08%)
Mutual labels:  otp, yubikey, hotp
🔐 A PHP library for generating one time passwords according to RFC 4226 (HOTP) and the RFC 6238 (TOTP)
Stars: ✭ 857 (+193.49%)
Mutual labels:  otp, totp, hotp
Javascript One-Time Password module.
Stars: ✭ 71 (-75.68%)
Mutual labels:  otp, totp, hotp
A small and easy-to-use one-time password generator library for Java according to RFC 4226 (HOTP) and RFC 6238 (TOTP).
Stars: ✭ 107 (-63.36%)
Mutual labels:  otp, totp, hotp
HMAC Based One Time Passwords in PHP. RFC4226 and RFC6238 compliant.
Stars: ✭ 51 (-82.53%)
Mutual labels:  otp, totp, hotp

Glewlwyd SSO server

C/C++ CI CodeQL CII Best Practices

Single-Sign-On (SSO) server with multiple factor authentication for OAuth2 and OpenID Connect authentication

Glewlwyd 2.5.2 is available. Feel free to install it, test it, use it, and send feedback if you feel like it!

logged in

Process supported:

User authentication via multiple factors:

Users and clients can be storage backends:

User registration

New users can register a new account with the possibility to confirm their e-mail address or not. During the registration process, the new user may be expected to register their passwords, as well as other authentication factors:

  • One-time password (TOTP/HOTP)
  • WebAuthn (Yubikey, Android devices)
  • TLS Certificate
  • External OAuth2/OIDC providers

Existing users can update their e-mail by sending a confirmation link to the new e-mail.

Existing users can reset their credentials if their password or authentication schemes are lost or unavailable. Credentials can be reset by different factors:

  • A link sent to the user's e-mail
  • A one-time use recovery code

See the register/update e-mail/reset credentials documentation for more information on the registration, update e-mail or reset credentials features.

Based on a plugin architecture to make it easier to add or update storage backends, authentication schemes or process.

Passwordless authentication

Adding new authentication schemes or backend storage for users and clients is possible via the plugin architecture.

The backend API server is fully written in C and uses a small amount of resources.

Its plugin architecture makes it easy to add new modules or plugins, or modify existing ones with less risks to have unmaintainable code.


The full installation documentation is available in the Install documentation.


A docker image is available for tests on localhost, run the following command:

$ docker run --rm -it -p 4593:4593 babelouest/glewlwyd:latest

And open the address http://localhost:4593/ on your browser.

  • User: admin
  • Password: password

This Docker image can be used for tests or for real use by changing the configuration files. More information in the install documentation.

Getting started

The Getting started documentation will help administrators configure Glewlwyd's modules and authentication schemes.

User documentation

The user documentation will help Glewlwyd's users manage their profile and log in to Glewlwyd.

Core API

The full core REST API documentation is available in the API documentation

Plugins architecture

You can update the existing plugins or add new ones depending on your needs, check out the documentation available for each type of plugin:


Go to the Screenshots folder to get a visual idea of Glewlwyd.

Questions, problems or feature requests

You can open an issue, a pull request or send me an e-mail. Any help is much appreciated!

You can visit the IRC channel #glewlwyd on the Freenode network.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].