MIT

authentik

Self-hosted identity provider with flexible authentication flows

An open-source identity provider for modern SSO, built for self-hosting and extensible policy-driven flows.

Visit authentik View repository
authentik main image

In depth

What it is

authentik is an open-source identity provider for modern SSO, built for self-hosting and extensible policy-driven flows.

Key features

  • OIDC/SAML - Standards-based SSO for applications.
  • Flows - Configurable authentication and enrollment flows.
  • Directory integration - LDAP and provisioning integrations (deployment-dependent).
  • Outposts - Outpost components for proxy-style integrations.

Strengths

  • OIDC/SAML - Standards-based SSO for applications.
  • Flows - Configurable authentication and enrollment flows.
  • Directory integration - LDAP and provisioning integrations (deployment-dependent).

Trade-offs

  • Complexity - Flexible flow model increases configuration complexity.
  • Operations - Self-hosting adds upgrades, backups, and monitoring.
  • Integration variance - App integrations vary by protocol and connector depth.

Pricing

Open-source software. Direct license cost is zero; costs are typically infrastructure, operations, and optional paid support or hosting.

Explore alternatives
Okta logo

Okta

Enterprise identity platform for SSO and lifecycle management

Microsoft Entra ID logo

Microsoft Entra ID

Cloud identity service for workforce and apps

Keycloak logo

Keycloak

Open-source IAM for SSO, OIDC, and SAML

ZITADEL logo

ZITADEL

Open-source identity infrastructure for multi-tenant apps

See more