Authorizer is a free and open-source authentication and authorization (RBAC) service for your applications. Just bring a database.
Features
- ✅ Sign-in / Sign-up with email ID and password
- ✅ OAuth Login (GitHub, Google, and more)
- ✅ Password-less login (i.e. magic links)
- ✅ Secure session management
- ✅ Email verification and forgot password flow
- ✅ OAuth2 and OpenID compatible APIs
- ✅ Update profile API
- ✅ RBAC (Role-based access control)
- ✅ Custom UIs
Backend SDKs
- Node: https://github.com/authorizerdev/authorizer-js
- Golang: https://docs.authorizer.dev/authorizer-go
Frontend SDKs
- Vanilla JS: https://github.com/authorizerdev/authorizer-js(opens in a new tab
- React: https://github.com/authorizerdev/authorizer-react(opens in a new tab
Getting started
Once your app has deployed successfully, open its URL in your browser and login using your ADMIN_SECRET
variable. From there it's a good idea to add email configurations and any OAuth configs.
Additional configuration
Authorizer is configurable via secrets and variables. Here are some important options:
Name | Description |
---|---|
AUTHORIZER_URL | Domain name of the server, eg https://dxxxxxxx.cloudfront.net |
REDIS_URL | Use an external Redis database for sessions instead of storing them in-memory in your Authorizer instance |
RESET_PASSWORD_URL | Reset password link, that can be used to send the correct forgot password link |