Uncertified OpenID Connect Implementations

Below is a list of OpenID Connect implementations that have not attained OpenID Certification. While several of these implementations have been tested, they are maintained by members of the OpenID community or vendors and are not necessarily known to work. Please review the documentation and test your own implementation thoroughly before releasing to the public.

For a list of certified implementations, see openid.net/developers/certified/.

Elixir

Shield

OpenID server implementation using Elixir programming language and Phoenix Framework
License: MIT
Relying Party: No
Identity Provider: Yes
Target Environment: Phoenix Framework

Erlang

OpenID2Go

A Golang package that implements web service middleware for authenticating identities represented by ID Tokens.
License: MIT
Relying Party: Yes
Identity Provider: No

dex

We here at CoreOS have created dex, an OpenID Connect Identity Provider, written in Go. It’s secure, flexible and fairly easy-to-deploy and integrate with.
License: Apache 2.0
Relying Party: Yes
Identity Provider: Yes

Haskell

Broch

An OpenID Connect Provider implemented in Haskell. Currently more a research project than production ready.
License: BSD3
Relying Party: No
Identity Provider: Yes

Java

Nimbus OAuth 2.0 SDK with OpenID Connect extensions

Nimbus OAuth 2.0 SDK with OpenID Connect extensions
License: Apache 2.0
Relying Party: Yes
Identity Provider: Yes

MITREid Connect

MITREid Connect is a Java implementation of OpenID Connect, developed by Mitre Corporation and maintained by MIT-KIT.
License: Apache 2.0
Relying Party: Yes – Uncertified
Identity Provider: Yes – Certified
Target Environment: Spring Framework

Google OAuth Client Library for Java

Written by Google, this library is a powerful and easy to use Java client library for the OAuth 2 and OAuth 1.0a standards for authorization. It is built on the Google HTTP Client Library for Java.
License:
Relying Party: Yes
Identity Provider: No

Apache Oltu

Apache Oltu is an OAuth protocol implementation in Java. It also covers others “OAuth family” related implementations such as JWT, JWS and OpenID Connect.
License: Apache 2.0
Relying Party: Yes
Identity Provider: Yes
Target Environment: Apache

JavaScript

passport-openidconnect

OpenID Connect authentication strategy for Passport
License: MIT
Relying Party: Yes
Identity Provider: No
Target Environment: node.js

Perl

LemonLDAP::NG

Our last version (1.9.0) implements OpenID Connect as Relying Party and OpenID Provider.
License: GPL
Relying Party: Yes
Identity Provider: Yes
Target Environment: Perl

PHP

OpenID-Connect-PHP

A minimalist library supporting basic client authentication. Aims to make it simple enough for a developer with little knowledge of the OpenID Connect protocol to setup authentication.
License: Apache License, Version 2.0
Relying Party: Yes
Identity Provider: No
Target Environment: PHP, Apache, Nginx, etc.

oauth2-server-php

A library for implementing an OAuth2 Server in PHP. Has been extended to support OpenID Connect identity provider functionality.
License: MIT License
Relying Party: No
Identity Provider: Yes
Target Environment: PHP

Drupal OpenID Connect Plugin

Authentication to Drupal with OpenID Connect
License: GPL, version 2
Relying Party: Yes
Identity Provider: No
Target Environment: Drupal

Python

Django OIDC Provider

Provides you out of the box all the endpoints, data and logic needed to add OIDC capabilities to your Django projects. Developed by Juan Ignacio Fiorentino.
License: MIT
Relying Party: No
Identity Provider: Yes

Products

Amazon Web Services

Amazon Web Services supports OpenID Connect
License: Commercial
Relying Party: Yes
Identity Provider: No

Auth0

Auth0 (cloud and non-cloud) version includes OpenID Connect Identity Provider support
License: Commercial
Relying Party: Yes – Uncertified
Identity Provider: Yes – Certified

Axway API Gateway

Axway API Gateway includes identity provider and relying party support, with samples for both, including acting as relying party for Google.
License: Commercial
Relying Party: Yes
Identity Provider: Yes

Azure Active Directory

Microsoft Azure Active Directory includes OpenID Connect identity provider support.
License: Commercial
Relying Party: No
Identity Provider: Yes

CA API Gateway

CA API Gateway supports OAuth, OpenID Connect and JWT.
License: Commercial
Relying Party: Yes
Identity Provider: Yes

Gluu Server

The Gluu Server is a free open source identity and access management platform for single sign-on, mobile authentication, and API access management that includes a comprehensive implementation of an OpenID Connect Provider and Relying Party.
Target Environment: The Gluu Server OpenID Provider is written in Java; client libraries are available for Java, Python, Php, Node, Ruby, Go, Perl and C#.
License: See https://gluu.org/docs/#license
Relying Party: Yes – Uncertified
Identity Provider: Yes – Certified

OpenAM (Open Access Manager)

ForgeRock OpenAM is the all-in-one, highly scalable access management solution that supports OpenID Connect Identity Provider and Relying Party.
License: Commercial (Binary); Open Source (CDDL)
Relying Party: Yes – Uncertified
Identity Provider: Yes – Certified

OpenIG (Open Identity Gateway)

ForgeRock OpenIG is an application and API gateway that leverages SAML 2.0, OpenAM SSO, OAuth 2.0 and OpenID Connect. It supports OpenID Connect Relying Party.
License: Commercial (Binary); Open Source (CDDL)
Relying Party: Yes
Identity Provider: No

Uni-iD

NRI Uni-iD includes OpenID Connect Identity Provider and Relying Party support
License: Commercial
Relying Party: Yes – Uncertified
Identity Provider: Yes – Certified

WSO2 Identity Server

WSO2 Identity Server includes identity provider and sample relying party support.
License: Apache 2.0
Relying Party: Yes
Identity Provider: Yes

Uncertified OpenID Connect Implementations

Connect with us