Uncertified OpenID Connect Implementations

Below is a list of OpenID Connect implementations that have not attained OpenID Certification. While several of these implementations have been tested, they are maintained by members of the OpenID community or vendors and are not necessarily known to work. Please review the documentation and test your own implementation thoroughly before releasing to the public.

For a list of certified implementations, see http://openid.net/developers/certified/.

Elixir

Shield

• OpenID server implementation using Elixir programming language and Phoenix Framework
• License: MIT
• Relying Party: No
• Identity Provider: Yes
• Target Environment: Phoenix Framework

Erlang

oidcc

• Developed as part of the Token Translation Service product for the INDIGO DataCloud project
• License: Apache 2.0
• Relying Party: Yes
• Identity Provider: No

Go

OpenID2Go

• A Golang package that implements web service middleware for authenticating identities represented by ID Tokens.
• License: MIT
• Relying Party: Yes
• Identity Provider: No

dex

• We here at CoreOS have created dex, an OpenID Connect Identity Provider, written in Go. It’s secure, flexible and fairly easy-to-deploy and integrate with.
• License: Apache 2.0
• Relying Party: Yes
• Identity Provider: Yes

Haskell

Broch

• An OpenID Connect Provider implemented in Haskell. Currently more a research project than production ready.
• License: BSD3
• Relying Party: No
• Identity Provider: Yes

Java

Nimbus OAuth 2.0 SDK with OpenID Connect extensions

• Nimbus OAuth 2.0 SDK with OpenID Connect extensions
• License: Apache 2.0
• Relying Party: Yes
• Identity Provider: Yes

MITREid Connect

• MITREid Connect is a Java implementation of OpenID Connect, developed by Mitre Corporation and maintained by MIT-KIT.
• License: Apache 2.0
• Relying Party: Yes – Uncertified
• Identity Provider: Yes – Certified
• Target Environment: Spring Framework

Google OAuth Client Library for Java

• Written by Google, this library is a powerful and easy to use Java client library for the OAuth 2 and OAuth 1.0a standards for authorization. It is built on the Google HTTP Client Library for Java.
• License:
• Relying Party: Yes
• Identity Provider: No

Apache Oltu

• Apache Oltu is an OAuth protocol implementation in Java. It also covers others “OAuth family” related implementations such as JWT, JWS and OpenID Connect.
• License: Apache 2.0
• Relying Party: Yes
• Identity Provider: Yes
• Target Environment: Apache

JavaScript

passport-openidconnect

• OpenID Connect authentication strategy for Passport
• License: MIT
• Relying Party: Yes
• Identity Provider: No
• Target Environment: node.js

Perl

LemonLDAP::NG

• Our last version (1.9.0) implements OpenID Connect as Relying Party and OpenID Provider.
• License: GPL
• Relying Party: Yes
• Identity Provider: Yes
• Target Environment: Perl

PHP

OpenID-Connect-PHP

• A minimalist library supporting basic client authentication. Aims to make it simple enough for a developer with little knowledge of the OpenID Connect protocol to setup authentication.
• License: Apache License, Version 2.0
• Relying Party: Yes
• Identity Provider: No
• Target Environment: PHP, Apache, Nginx, etc.

oauth2-server-php

• A library for implementing an OAuth2 Server in PHP. Has been extended to support OpenID Connect identity provider functionality.
• License: MIT License
• Relying Party: No
• Identity Provider: Yes
• Target Environment: PHP

Drupal OpenID Connect Plugin

• Authentication to Drupal with OpenID Connect
• License: GPL, version 2
• Relying Party: Yes
• Identity Provider: No
• Target Environment: Drupal

Python

Django OIDC Provider

Products

Amazon Web Services

• Amazon Web Services supports OpenID Connect
• License: Commercial
• Relying Party: Yes
• Identity Provider: No

Auth0

• Auth0 (cloud and non-cloud) version includes OpenID Connect Identity Provider support
• License: Commercial
• Relying Party: Yes – Uncertified
• Identity Provider: Yes – Certified

Axway API Gateway

• Axway API Gateway includes identity provider and relying party support, with samples for both, including acting as relying party for Google.
• License: Commercial
• Relying Party: Yes
• Identity Provider: Yes

Azure Active Directory

• Microsoft Azure Active Directory includes OpenID Connect identity provider support.
• License: Commercial
• Relying Party: No
• Identity Provider: Yes

CA API Gateway

• CA API Gateway supports OAuth, OpenID Connect and JWT.
• License: Commercial
• Relying Party: Yes
• Identity Provider: Yes

Gluu Server

• The Gluu Server is a free open source identity and access management platform for single sign-on, mobile authentication, and API access management that includes a comprehensive implementation of an OpenID Connect Provider and Relying Party.
• Target Environment: The Gluu Server OpenID Provider is written in Java; client libraries are available for Java, Python, Php, Node, Ruby, Go, Perl and C#.
• License: See https://gluu.org/docs/#license
• Relying Party: Yes – Uncertified
• Identity Provider: Yes – Certified

OpenAM (Open Access Manager)

• ForgeRock OpenAM is the all-in-one, highly scalable access management solution that supports OpenID Connect Identity Provider and Relying Party.
• License: Commercial (Binary); Open Source (CDDL)
• Relying Party: Yes – Uncertified
• Identity Provider: Yes – Certified

OpenIG (Open Identity Gateway)

• ForgeRock OpenIG is an application and API gateway that leverages SAML 2.0, OpenAM SSO, OAuth 2.0 and OpenID Connect. It supports OpenID Connect Relying Party.
• License: Commercial (Binary); Open Source (CDDL)
• Relying Party: Yes
• Identity Provider: No

Uni-iD

• NRI Uni-iD includes OpenID Connect Identity Provider and Relying Party support
• License: Commercial
• Relying Party: Yes – Uncertified
• Identity Provider: Yes – Certified

WSO2 Identity Server

• WSO2 Identity Server includes identity provider and sample relying party support.
• License: Apache 2.0
• Relying Party: Yes
• Identity Provider: Yes