Single-Sign-On (SSO) server with multiple factor authentication.
Authentication processus supported:
- OAuth2
- OpenID Connect
Allows users to authenticate via multiple factors:
- Password
- One-time password (TOTP/HOTP)
- Webauthn (Yubikey, Android devices)
- One-time password sent via e-mail
- TLS Certificate
- External OAuth2/OIDC providers
Users and clients can be stored and managed from various backends:
- Database
- LDAP service
- HTTP Backend service providing Basic Authentication
Allows users to register a new account with the possibility to confirm their e-mail address or not. During the registration process, the new user may be expected to register their passwords, as well as other authentication factors:
- One-time password (TOTP/HOTP)
- Webauthn (Yubikey, Android devices)
- TLS Certificate
- External OAuth2/OIDC providers
See the register documentation for more information on the registration features.
Based on a plugin architecture to make it easier to add or update storing backends, authentication schemes or processus.
Allows passwordless authentication.
Adding new authentication schemes or backend storage for users and clients is possible via the plugin architecture.
The backend API server is fully written in C and uses a small amount of resources.
Its plugin architecture makes it easy to add new modules or plugins, or modify existing ones with less risks to have unmaintainable code.
Glewlwyd 2.3 is released. Feel free to install, test it, and send feedbacks if you feel like it.
Important! Due to a complete database reworking of the application, you can't upgrade an existing installation from Glewlwyd 1.x to Glewlwyd 2.x.
The full installation documentation is available in the install documentation.
A docker image is available for tests on localhost, run the following command:
$ docker run --rm -it -p 4593:4593 babelouest/glewlwydAnd open the address http://localhost:4593/ on your browser.
- User:
admin - Password:
password
More information in the install documentation.
The Getting started documentation will help administrators configure Glewlwyd's modules and authentication schemes.
The user documentation will help Glewlwyd's users manage their profile and log in to Glewlwyd.
The full core REST API documention is available in the API documentation
You can update the existing plugins or add new ones depending on your needs, check out the documentation available for each type of plugin:
- User backend modules
- Client backend modules
- Authentication schemes modules
- Plugins (Register, OAuth2 or OIDC plugins)
Go to the Screenshots folder to get a visual idea of Glewlwyd.
You can open an issue, a pull request or send me an e-mail. Any help is much appreciated!
You can visit the IRC channel #glewlwyd on the Freenode network.