No description
This repository has been archived on 2022-08-17. You can view files and clone it, but cannot push or open issues or pull requests.
Find a file
Eric Chiang bfe560ee21 rename
2016-08-10 22:31:42 -07:00
cmd rename 2016-08-10 22:31:42 -07:00
connector rename 2016-08-10 22:31:42 -07:00
Documentation rename 2016-08-10 22:31:42 -07:00
examples rename 2016-08-10 22:31:42 -07:00
scripts *: determine version from git 2016-08-09 14:38:09 -07:00
server rename 2016-08-10 22:31:42 -07:00
storage rename 2016-08-10 22:31:42 -07:00
vendor *: revendor 2016-08-08 11:49:47 -07:00
version *: determine version from git 2016-08-09 14:38:09 -07:00
.gitignore initial commit 2016-07-26 15:51:24 -07:00
Dockerfile rename 2016-08-10 22:31:42 -07:00
glide.lock *: revendor 2016-08-08 11:49:47 -07:00
glide.yaml rename 2016-08-10 22:31:42 -07:00
glide_test.go initial commit 2016-07-26 15:51:24 -07:00
Makefile rename 2016-08-10 22:31:42 -07:00
README.md *: add warning to README 2016-08-10 22:26:36 -07:00

dex - A federated OpenID Connect provider

Caution image

This is an experimental version of dex that is likely to change in incompatible ways.

dex is an OAuth2 server that presents clients with a low overhead framework for identifying users while leveraging existing identity services such as Google Accounts, FreeIPA, GitHub, etc, for actual authentication. dex sits between your applications and an identity service, providing a backend agnostic flavor of OAuth2 called OpenID Connect, a spec will allows dex to support:

  • Short-lived, signed tokens with predefined fields (such as email) issued on behalf of users.
  • Well known discovery of OAuth2 endpoints.
  • OAuth2 mechanisms such as refresh tokens and revocation for long term access.
  • Automatic signing key rotation.

Any system which can query dex can cryptographically verify a users identity based on these tokens, allowing authentication events to be passed between backend services.

One such application that consumes OpenID Connect tokens is the Kubernetes API server, allowing dex to provide identity for any Kubernetes clusters.