Uncertified OpenID Connect Implementations

Below is a list of OpenID Connect implementations that have not attained OpenID Certification. While several of these implementations have been tested, they are maintained by members of the OpenID community or vendors and are not necessarily known to work. Please review the documentation and test your own implementation thoroughly before releasing to the public.

For a list of certified implementations, see openid.net/developers/certified/.

Shield

  • OpenID server implementation using Elixir programming language and Phoenix Framework
  • License: MIT
  • Relying Party: No
  • Identity Provider: Yes
  • Target Environment: Phoenix Framework

OpenID2Go

  • A Golang package that implements web service middleware for authenticating identities represented by ID Tokens.
  • License: MIT
  • Relying Party: Yes
  • Identity Provider: No

 

dex

  • We here at CoreOS have created dex, an OpenID Connect Identity Provider, written in Go. It’s secure, flexible and fairly easy-to-deploy and integrate with.
  • License: Apache 2.0
  • Relying Party: Yes
  • Identity Provider: Yes

Broch

  • An OpenID Connect Provider implemented in Haskell. Currently more a research project than production ready.
  • License: BSD3
  • Relying Party: No
  • Identity Provider: Yes

Nimbus OAuth 2.0 SDK with OpenID Connect extensions

  • Nimbus OAuth 2.0 SDK with OpenID Connect extensions
  • License: Apache 2.0
  • Relying Party: Yes
  • Identity Provider: Yes

 

MITREid Connect

  • MITREid Connect is a Java implementation of OpenID Connect, developed by Mitre Corporation and maintained by MIT-KIT.
  • License: Apache 2.0
  • Relying Party: Yes – Uncertified
  • Identity Provider: Yes – Certified
  • Target Environment: Spring Framework

 

Google OAuth Client Library for Java

  • Written by Google, this library is a powerful and easy to use Java client library for the OAuth 2 and OAuth 1.0a standards for authorization. It is built on the Google HTTP Client Library for Java.
  • License:
  • Relying Party: Yes
  • Identity Provider: No

 

Apache Oltu

  • Apache Oltu is an OAuth protocol implementation in Java. It also covers others “OAuth family” related implementations such as JWT, JWS and OpenID Connect.
  • License: Apache 2.0
  • Relying Party: Yes
  • Identity Provider: Yes
  • Target Environment: Apache

passport-openidconnect

  • OpenID Connect authentication strategy for Passport
  • License: MIT
  • Relying Party: Yes
  • Identity Provider: No
  • Target Environment: node.js

LemonLDAP::NG

  • Our last version (1.9.0) implements OpenID Connect as Relying Party and OpenID Provider.
  • License: GPL
  • Relying Party: Yes
  • Identity Provider: Yes
  • Target Environment: Perl

OpenID-Connect-PHP

  • A minimalist library supporting basic client authentication. Aims to make it simple enough for a developer with little knowledge of the OpenID Connect protocol to setup authentication.
  • License: Apache License, Version 2.0
  • Relying Party: Yes
  • Identity Provider: No
  • Target Environment: PHP, Apache, Nginx, etc.

 

oauth2-server-php

  • A library for implementing an OAuth2 Server in PHP. Has been extended to support OpenID Connect identity provider functionality.
  • License: MIT License
  • Relying Party: No
  • Identity Provider: Yes
  • Target Environment: PHP

 

Drupal OpenID Connect Plugin

  • Authentication to Drupal with OpenID Connect
  • License: GPL, version 2
  • Relying Party: Yes
  • Identity Provider: No
  • Target Environment: Drupal

Django OIDC Provider

  • Provides you out of the box all the endpoints, data and logic needed to add OIDC capabilities to your Django projects. Developed by Juan Ignacio Fiorentino.
  • License: MIT
  • Relying Party: No
  • Identity Provider: Yes

Amazon Web Services

  • Amazon Web Services supports OpenID Connect
  • License: Commercial
  • Relying Party: Yes
  • Identity Provider: No

 

Auth0

  • Auth0 (cloud and non-cloud) version includes OpenID Connect Identity Provider support
  • License: Commercial
  • Relying Party: Yes – Uncertified
  • Identity Provider: Yes – Certified

 

Axway API Gateway

  • Axway API Gateway includes identity provider and relying party support, with samples for both, including acting as relying party for Google.
  • License: Commercial
  • Relying Party: Yes
  • Identity Provider: Yes

 

Azure Active Directory

  • Microsoft Azure Active Directory includes OpenID Connect identity provider support.
  • License: Commercial
  • Relying Party: No
  • Identity Provider: Yes

 

CA API Gateway

  • CA API Gateway supports OAuth, OpenID Connect and JWT.
  • License: Commercial
  • Relying Party: Yes
  • Identity Provider: Yes

 

Gluu Server

  • The Gluu Server is a free open source identity and access management platform for single sign-on, mobile authentication, and API access management that includes a comprehensive implementation of an OpenID Connect Provider and Relying Party.
  • Target Environment: The Gluu Server OpenID Provider is written in Java; client libraries are available for Java, Python, Php, Node, Ruby, Go, Perl and C#.
  • License: See https://gluu.org/docs/#license
  • Relying Party: Yes – Uncertified
  • Identity Provider: Yes – Certified

 

OpenAM (Open Access Manager)

  • ForgeRock OpenAM is the all-in-one, highly scalable access management solution that supports OpenID Connect Identity Provider and Relying Party.
  • License: Commercial (Binary); Open Source (CDDL)
  • Relying Party: Yes – Uncertified
  • Identity Provider: Yes – Certified

 

OpenIG (Open Identity Gateway)

  • ForgeRock OpenIG is an application and API gateway that leverages SAML 2.0, OpenAM SSO, OAuth 2.0 and OpenID Connect. It supports OpenID Connect Relying Party.
  • License: Commercial (Binary); Open Source (CDDL)
  • Relying Party: Yes
  • Identity Provider: No

 

Uni-iD

  • NRI Uni-iD includes OpenID Connect Identity Provider and Relying Party support
  • License: Commercial
  • Relying Party: Yes – Uncertified
  • Identity Provider: Yes – Certified

 

WSO2 Identity Server

  • WSO2 Identity Server includes identity provider and sample relying party support.
  • License: Apache 2.0
  • Relying Party: Yes
  • Identity Provider: Yes