Dex - OpenID Connect and OAuth 2.0 Identity Provider
Dex is an OpenID Connect (OIDC) identity and OAuth 2.0 provider with pluggable connectors, enabling authentication against a variety of backend identity sources.
Project Introduction
Summary
Dex is an identity service that uses OpenID Connect to drive authentication for other apps. It acts as a bridge between applications and backend identity providers like LDAP, SAML providers, GitHub, and others. Applications that want to use OIDC or OAuth2 for authentication can delegate this responsibility to Dex.
Problem Solved
In complex environments with multiple applications and diverse user directories (e.g., enterprise LDAP, public social logins), managing user identities and implementing secure Single Sign-On (SSO) can be challenging. Dex simplifies this by aggregating various identity sources under a single, standards-compliant OIDC/OAuth2 interface.
Core Features
Pluggable Identity Connectors
Supports integration with various identity backends including LDAP, GitHub, Google, Microsoft, and more via pluggable connectors.
Centralized Authentication
Acts as a central identity provider for applications, allowing users to log in using their existing accounts from configured identity sources.
Standard Protocol Compliance
Provides standard OIDC and OAuth2 endpoints for applications to delegate authentication and authorization.
Scalable and Cloud-Native Deployment
Can be deployed as a standalone service or within orchestrators like Kubernetes, designed for scalability and reliability.
Use Cases
Dex can be applied in various scenarios requiring centralized identity management, Single Sign-On, and integration with existing user directories.
Scenario 1: Enterprise Internal Application SSO
Details
Provide employees with a single login experience to access multiple internal web applications and services, regardless of where their original user account resides (e.g., Active Directory, LDAP).
User Value
Improves user experience, reduces password fatigue, and simplifies access management for IT.
Scenario 2: Integrating External Identity Providers
Details
Allow users of a web application or service to authenticate using external identity providers like Google, GitHub, or enterprise SAML providers (e.g., Okta, Azure AD).
User Value
Increases user adoption by offering convenient sign-in options and leverages existing identity infrastructure.
Scenario 3: Microservice Authentication
Details
Secure communication between microservices by issuing and validating OIDC tokens, enabling service-to-service authentication and authorization.
User Value
Enhances security within a microservices architecture by providing a standardized, token-based authentication mechanism.