2018-08-27 04:46:15 +07:00
< p align = "center" >
2019-12-06 03:52:04 +07:00
< img src = "./docs/images/authelia-title.png" width = "350" title = "Authelia" >
2018-08-27 04:46:15 +07:00
< / p >
2016-12-18 18:35:56 +07:00
2019-04-18 04:02:10 +07:00
[![license ](https://img.shields.io/badge/license-Apache%202.0-green.svg )][Apache 2.0]
2017-01-29 22:29:36 +07:00
[![Build ](https://travis-ci.org/clems4ever/authelia.svg?branch=master )](https://travis-ci.org/clems4ever/authelia)
2018-08-29 02:04:57 +07:00
[![Gitter ](https://img.shields.io/gitter/room/badges/shields.svg )](https://gitter.im/authelia/general?utm_source=share-link& utm_medium=link& utm_campaign=share-link)
2016-12-18 02:19:10 +07:00
2019-03-25 00:45:32 +07:00
**Authelia** is an open-source authentication and authorization server
providing 2-factor authentication and single sign-on (SSO) for your
2019-04-18 04:02:10 +07:00
applications via a web portal.
It acts as a companion of reverse proxies like [nginx] or [Traefik] by handling forwarded authentication and authorization requests.
2019-11-21 00:49:37 +07:00
BREAKING NEWS: Authelia v4 stable release is coming soon! The new version is written in Go for reliability, performance and security improvements. A docker image is currently available in alpha version on dockerhub.
2019-11-17 22:31:27 +07:00
Please read BREAKING.md if you want to migrate from v3 to v4. Otherwise, start fresh in v4 and enjoy!
2019-10-29 05:41:21 +07:00
2019-04-18 04:02:10 +07:00
< p align = "center" >
2019-12-06 03:52:04 +07:00
< img src = "./docs/images/logos/authelia.logo.png" height = "100" / >
< img src = "./docs/images/plus.png" height = "100" / >
< img src = "./docs/images/logos/nginx.logo.png" height = "100" / >
< img src = "./docs/images/logos/traefik.logo.png" height = "100" / >
2019-04-18 04:02:10 +07:00
< / p >
2018-04-26 14:22:40 +07:00
2018-08-27 04:46:15 +07:00
**Authelia** can be installed as a standalone service using Docker or NPM
2019-04-18 04:02:10 +07:00
but can also be deployed easily on [Kubernetes] leveraging ingress controllers and ingress configuration.
< p align = "center" >
2019-12-06 03:52:04 +07:00
< img src = "./docs/images/logos/kubernetes.logo.png" height = "100" / >
< img src = "./docs/images/logos/docker.logo.png" width = "100" >
2019-04-18 04:02:10 +07:00
< / p >
Here is what Authelia's portal looks like
2018-04-26 14:22:40 +07:00
2018-08-27 04:46:15 +07:00
< p align = "center" >
2019-12-06 03:52:04 +07:00
< img src = "./docs/images/1FA.png" width = "400" / >
< img src = "./docs/images/2FA-METHODS.png" width = "400" / >
2018-08-27 04:46:15 +07:00
< / p >
2017-01-29 22:29:36 +07:00
2018-08-27 04:46:15 +07:00
## Features summary
2017-07-14 05:52:07 +07:00
2018-08-27 04:46:15 +07:00
Here is the list of the main available features:
2017-07-14 05:52:07 +07:00
2019-03-25 00:45:32 +07:00
* Several kind of second factor:
2019-12-06 03:52:04 +07:00
* **[Security Key (U2F)](./docs/2factor/security-key.md)** with [Yubikey].
* **[Time-based One-Time password](./docs/2factor/time-based-one-time-password.md)** with [Google Authenticator].
* **[Mobile Push Notifications](./docs/2factor/duo-push-notifications.md)** with [Duo ](https://duo.com/ ).
2019-04-18 04:02:10 +07:00
* Password reset with identity verification using email confirmation.
2018-08-27 04:46:15 +07:00
* Single-factor only authentication method available.
2017-01-29 22:29:36 +07:00
* Access restriction after too many authentication attempts.
2019-03-28 05:09:01 +07:00
* Fine-grained access control per subdomain, user, resource and network.
2019-04-18 04:02:10 +07:00
* Support of basic authentication for endpoints protected by single factor.
2019-12-07 20:39:21 +07:00
* Highly available using a remote database and Redis as a highly available KV store.
2019-04-18 04:02:10 +07:00
* Compatible with Kubernetes [ingress-nginx ](https://github.com/kubernetes/ingress-nginx ) controller out of the box.
2016-12-18 02:19:10 +07:00
2019-12-06 03:52:04 +07:00
For more details about the features, follow [Features ](./docs/features.md ).
2017-06-29 16:51:52 +07:00
2019-04-18 04:02:10 +07:00
## Proxy support
Authelia works in combination with [nginx] or [Traefik] and soon with [HAProxy] as discussed in
[#271 ](https://github.com/clems4ever/authelia/issues/271 ). It can be deployed on bare metal with
Docker or directly in [Kubernetes].
< p align = "center" >
2019-12-06 03:52:04 +07:00
< img src = "./docs/images/logos/nginx.logo.png" height = "50" / >
< img src = "./docs/images/logos/traefik.logo.png" height = "50" / >
< img src = "./docs/images/logos/kubernetes.logo.png" height = "50" / >
2019-04-18 04:02:10 +07:00
< / p >
2018-08-27 04:46:15 +07:00
## Getting Started
2017-01-29 22:29:36 +07:00
2019-03-04 05:51:52 +07:00
You can start off with
2019-03-25 15:04:58 +07:00
git clone https://github.com/clems4ever/authelia.git & & cd authelia
2019-03-04 05:51:52 +07:00
source bootstrap.sh
2019-12-06 03:52:04 +07:00
If you want to go further, please read [Getting Started ](./docs/getting-started.md ).
2018-11-16 14:39:57 +07:00
## Deployment
2019-03-04 05:51:52 +07:00
Now that you have tested **Authelia** and you want to try it out in your own infrastructure,
2019-12-06 03:52:04 +07:00
you can learn how to deploy and use it with [Deployment ](./docs/deployment-production.md ).
2019-03-04 05:51:52 +07:00
This guide will show you how to deploy it on bare metal as well as on
[Kubernetes ](https://kubernetes.io/ ).
2017-07-14 05:52:07 +07:00
2017-10-15 22:57:12 +07:00
## Security
2018-08-27 04:46:15 +07:00
If you want more information about the security measures applied by
**Authelia** and some tips on how to set up **Authelia** in a secure way,
2019-12-06 03:52:04 +07:00
refer to [Security ](./docs/security.md ).
2017-10-15 22:57:12 +07:00
2019-04-17 03:58:45 +07:00
## Changelog & Breaking changes
2017-01-29 22:29:36 +07:00
2019-12-06 03:52:04 +07:00
See [CHANGELOG.md ](./CHANGELOG.md ) and [BREAKING.md ](./BREAKING.md ).
2018-04-26 14:22:40 +07:00
2018-11-16 04:47:27 +07:00
## Contribute
2017-01-29 22:29:36 +07:00
2018-11-16 04:47:27 +07:00
Anybody willing to contribute to the project either with code,
documentation, security reviews or whatever, are very welcome to issue
or review pull requests and take part to discussions in
[Gitter ](https://gitter.im/authelia/general?utm_source=share-link&utm_medium=link&utm_campaign=share-link ).
2019-12-05 17:10:02 +07:00
I am very grateful to contributors for their contributions to the project. Don't hesitate, be the next!
2018-11-16 14:39:57 +07:00
## Build Authelia
2019-12-06 03:52:04 +07:00
If you want to contribute with code, you should follow the documentation explaining how to [build ](./docs/build-and-dev.md ) the application.
2016-12-18 02:19:10 +07:00
## License
2018-08-27 04:46:15 +07:00
2019-04-17 04:40:15 +07:00
**Authelia** is **licensed** under the ** [Apache 2.0]** license. The terms of the license are detailed
2019-12-06 03:52:04 +07:00
in [LICENSE ](./LICENSE ).
2016-12-18 02:19:10 +07:00
2019-04-17 04:40:15 +07:00
[Apache 2.0]: https://www.apache.org/licenses/LICENSE-2.0
2017-01-29 22:29:36 +07:00
[TOTP]: https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm
2019-03-25 00:45:32 +07:00
[Security Key]: https://www.yubico.com/about/background/fido/
2017-01-29 22:29:36 +07:00
[Yubikey]: https://www.yubico.com/products/yubikey-hardware/yubikey4/
2017-06-29 16:51:52 +07:00
[auth_request]: http://nginx.org/en/docs/http/ngx_http_auth_request_module.html
[Google Authenticator]: https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2& hl=en
2019-12-06 03:52:04 +07:00
[config.template.yml]: ./config.template.yml
2019-04-18 04:02:10 +07:00
[nginx]: https://www.nginx.com/
[Traefik]: https://traefik.io/
[HAproxy]: http://www.haproxy.org/
[Kubernetes]: https://kubernetes.io/