Amazon Cognito
Customer identity and access management service for adding user sign-up, sign-in, and authentication to apps
Open-Source Projects
Discover top open-source software, updated regularly with real-world adoption signals.
Discover top open-source software, updated regularly with real-world adoption signals.
Spec-compliant Python library for OAuth and OpenID Connect
Comprehensive Python library for building OAuth 1.0/2.0 and OpenID Connect clients and servers. Includes full JOSE support (JWS, JWE, JWK, JWT) with framework integrations.
Authlib is a production-ready Python library that provides spec-compliant implementations for building OAuth 1.0, OAuth 2.0, and OpenID Connect clients and providers. Compatible with Python 3.9+, it delivers the most comprehensive coverage of OAuth-related RFCs in the Python ecosystem.
Authlib integrates seamlessly with Flask, Django, Starlette, and FastAPI, enabling developers to add authentication and authorization to existing applications without architectural changes. The library includes both synchronous (Requests) and asynchronous (HTTPX) HTTP client support, along with built-in integrations for connecting to third-party OAuth providers.
With support for 15+ OAuth RFCs and full JOSE implementation (JSON Web Signature, Encryption, Key, Algorithms, and Token), Authlib handles everything from basic authorization flows to advanced scenarios like device authorization grants, dynamic client registration, and JWT-secured authorization requests. Whether you're building a simple OAuth client or a full-featured authorization server, Authlib provides the building blocks without forcing opinions on your application structure.
When teams consider Authlib, these hosted platforms usually appear on the same shortlist.
Looking for a hosted option? These are the services engineering teams benchmark against before choosing open source.
Multi-Tenant SaaS Authorization Server
Deploy a compliant OAuth 2.0 provider with PKCE, token introspection, and dynamic client registration for enterprise customers
Microservices API Gateway Authentication
Implement JWT-based service-to-service authentication using RFC 9068 access tokens with JWK rotation
Third-Party OAuth Integration Hub
Connect Flask or Django application to multiple OAuth providers using built-in client sessions with unified interface
IoT Device Authorization Flow
Enable secure device onboarding using RFC 8628 device authorization grant for input-constrained hardware
Authlib provides the most comprehensive RFC coverage (15+ specifications) and supports both building OAuth clients and full authorization servers, unlike libraries focused solely on client-side social login.
Authlib is BSD-3-Clause licensed for most uses. Commercial licenses are available for specific scenarios; review the plans at authlib.org/plans for your use case.
The JOSE functionality is being extracted into a separate joserfc library for better modularity. Migration guides are provided in the documentation.
Yes, Authlib includes native async support with AsyncOAuth2Client, AsyncAssertionClient, and dedicated integrations for Starlette and FastAPI.
Yes, Authlib fully implements OpenID Connect Core 1.0, Discovery 1.0, and Dynamic Client Registration 1.0 specifications.
Project at a glance
ActiveLast synced 4 days ago
