Authority - OAuth 2.0 Server


Repo -

Authority is an easy to use highly cuztomizable OpenID Connect and OAuth Provider written in Crystal - Security-first, open source API security for your infrastructure. SDKs to come.

Authority is a OpenID OAuth 2.0 Server and OpenID Connect Provider optimized for low-latency, high throughput, and low resource consumption. Authority has a built in identity provider user login.

Implementing and using OAuth2 without understanding the whole specification is challenging and prone to errors, even when SDKs are being used. The primary goal of Authority is to make OAuth 2.0 and OpenID Connect 1.0 better accessible.

Available features:

  • [x] Authorization code grant
  • [x] Implicit grant
  • [x] Resource owner credentials grant
  • [x] Client credentials grant
  • [x] Refresh token grant
  • [x] OpenID Connect
  • [x] PKCE
  • [ ] Token Introspection
  • [ ] Token Revocation
  • [ ] Authentication Providor (Register Owners aka Users)
  • [ ] Client Provider (Register Client Apps)