No description
This repository has been archived on 2022-08-17. You can view files and clone it, but cannot push or open issues or pull requests.
Find a file
2016-08-09 15:27:10 -07:00
cmd *: determine version from git 2016-08-09 14:38:09 -07:00
connector *: implement the OpenID Connect connector 2016-08-08 11:49:47 -07:00
Documentation/proposals proposals: user objects for revoking refresh tokens and merging accounts 2016-08-08 10:31:59 -07:00
example *: implement the OpenID Connect connector 2016-08-08 11:49:47 -07:00
scripts *: determine version from git 2016-08-09 14:38:09 -07:00
server server: update discovery to include offline_access scope 2016-08-08 19:10:32 -07:00
storage *: load static clients from config file 2016-08-05 09:54:03 -07:00
vendor *: revendor 2016-08-08 11:49:47 -07:00
version *: determine version from git 2016-08-09 14:38:09 -07:00
.gitignore initial commit 2016-07-26 15:51:24 -07:00
Dockerfile *: add dockerfile 2016-08-09 15:27:10 -07:00
glide.lock *: revendor 2016-08-08 11:49:47 -07:00
glide.yaml *: bump oidc client package to latest 2016-08-08 11:49:47 -07:00
glide_test.go initial commit 2016-07-26 15:51:24 -07:00
Makefile *: add dockerfile 2016-08-09 15:27:10 -07:00
README.md *: add README 2016-08-09 12:40:01 -07:00

dex - A federated OpenID Connect provider

dex is an OAuth2 server that presents clients with a low overhead framework for identifying users while leveraging existing identity services such as Google Accounts, FreeIPA, GitHub, etc, for actual authentication. dex sits between your applications and an identity service, providing a backend agnostic flavor of OAuth2 called OpenID Connect, a spec will allows dex to support:

  • Short-lived, signed tokens with predefined fields (such as email) issued on behalf of users.
  • Well known discovery of OAuth2 endpoints.
  • OAuth2 mechanisms such as refresh tokens and revocation for long term access.
  • Automatic signing key rotation.

Any system which can query dex can cryptographically verify a users identity based on these tokens, allowing authentication events to be passed between backend services.

One such application that consumes OpenID Connect tokens is the Kubernetes API server, allowing dex to provide identity for any Kubernetes clusters.