Open Source TypeScript Authentication Software

Better Auth is framework-agnostic authentication (and authorization) library for TypeScript. It provides a comprehensive set of features out of the box and includes a plugin ecosystem that simplifies adding advanced functionalities with minimal code in a short amount of time. Whether you need 2FA, multi-tenant support, or other complex features. It lets you focus on building your actual application instead of reinventing the wheel.

Appwrite is a self-hosted and cloud backend-as-a-service platform that provides developers with all the core APIs required to build any application. Build your entire backend within minutes and scale effortlessly using Appwrite's open-source platform. Add Authentication, Databases, Functions, Storage, and Messaging to your projects using the frameworks and languages of your choice.

Auth.js is a set of open-source packages that are built on standard Web APIs for authentication in modern applications with any framework on any platform in any JS runtime.

Let Leapp manage your Cloud credentials locally. Improve your workflow with the only open-source desktop app and CLI you’ll ever need. Your all-in-one solution to assign IAM Cloud access across teams. Cloud credentials are available with a click. Data stored locally encrypted in your System Vault. Work with your Cloud Identities from a single place. Automatic temporary Cloud credentials generation and rotation. Pick your Cloud Provider to add a Leapp Session. Choose from supported access methods or leverage your federated identity with SAML 2.0 compliant identity providers. Automatically provision your sessions from AWS Single Sign-On via Leapp Integration. Start your Session, and Leapp will automatically generate secure short-lived credentials for you. All sensitive data are stored in your local System Vault and used only when needed to provide best-in-class security.

OpenAuth is a universal, standards‑based authentication provider built on top of OAuth 2.0. It’s designed for self‑hosting and can function either as a standalone auth server or be embedded into an existing application. It supports web apps, mobile apps, single-page apps, APIs, and third‑party clients, and includes a themeable UI while storing minimal state in platforms like Cloudflare KV or DynamoDB.

Satellizer is a simple to use, end-to-end, token-based authentication module for AngularJS with built-in support for Google, Facebook, LinkedIn, Twitter, Instagram, GitHub, Bitbucket, Yahoo, Twitch, Microsoft (Windows Live) OAuth providers, as well as Email and Password sign-in. However, you are not limited to the sign-in options above, in fact you can add any OAuth 1.0 or OAuth 2.0 provider by passing provider-specific information in the app config block. With any Cordova mobile apps or any framework that uses Cordova, such as Ionic Framework, you will need to add cordova-plugin-inappbrowser plugin. Make sure that inAppBrowser is listed in your project. Authorization (obtaining user's information with their permission) and authentication (application sign-in) requires sever-side implementation.

Tesseral is an open-source authentication and identity management platform tailored for B2B SaaS applications, offering enterprise-grade features like SAML SSO, SCIM provisioning, RBAC, API key management, and audit logging through a unified API-first service.

Enterprise-ready SaaS Starter Kit is a Next.js-based SaaS Starter Kit that can save hundreds of development hours while building enterprise-ready SaaS apps. Kickstart your enterprise app development with Next.js SaaS Starter Kit.

This is Google's officially supported node.js client library for using OAuth 2.0 authorization and authentication with Google APIs. Use Application Default Credentials when you use a single identity for all users in your application. Especially useful for applications running on Google Cloud. Application Default Credentials also support workload identity federation to access Google Cloud resources from non-Google Cloud platforms. Use JWT when you are using a single identity for all users. Especially useful for server->server or server->API communication. Use workload identity federation to access Google Cloud resources from Amazon Web Services (AWS), Microsoft Azure or any identity provider that supports OpenID Connect (OIDC). Use workforce identity federation to access Google Cloud resources using an external identity provider (IdP) to authenticate and authorize a workforce—a group of users, such as employees, partners, and contractors.

The nativescript-fingerprint-auth plugin enables biometric authentication in NativeScript applications, allowing users to authenticate using fingerprint or facial recognition, enhancing security and user convenience.

An open-source authentication and SSO (Single Sign-On) solution that simplifies enterprise authentication for SaaS applications.