No description
f45a1a9375
Enable groups scope |
||
---|---|---|
api | ||
cmd | ||
connector | ||
Documentation | ||
examples | ||
scripts | ||
server | ||
storage | ||
vendor | ||
version | ||
web/templates | ||
.gitignore | ||
.travis.yml | ||
DCO | ||
Dockerfile | ||
glide.lock | ||
glide.yaml | ||
glide_test.go | ||
LICENSE | ||
Makefile | ||
README.md |
dex - A federated OpenID Connect provider
Dex is an OpenID Connect server that allows users to login through upstream identity providers. Clients use a standards-based OAuth2 flow to login users, while the actual authentication is performed by established user management systems such as Google, GitHub, FreeIPA, etc.
OpenID Connect is a flavor of OAuth that builds on top of OAuth2 using the JOSE standards. This allows dex to provide:
- Short-lived, signed tokens with standard fields (such as email) issued on behalf of users.
- "well-known" discovery of OAuth2 endpoints.
- OAuth2 mechanisms such as refresh tokens and revocation for long term access.
- Automatic signing key rotation.
Standards-based token responses allows applications to interact with any OpenID Connect server instead of writing backend specific "access_token" dances. Systems that can already consume ID Tokens issued by dex include:
Documentation
- Getting started
- What's new in v2
- Storage options
- Intro to OpenID Connect
- gRPC API
- Identity provider logins (coming soon!)
- Client libraries (coming soon!)
Getting help
- For bugs and feature requests (including documentation!), file an issue.
- For general discussion about both using and developing dex, join the dex-dev mailing list.
- For more details on dex development plans, check out the GitHub milestones.