Deploy a single sign-on solution with built-in multi-factor authentication
D

Deploy a single sign-on solution with built-in multi-factor authentication

Deploy a single sign-on solution with built-in multi-factor authentication

UI
28,163 stars
N/A forks
N/A contributors

README

Project documentation from GitHub

Single Sign-On with Built-in MFA? Authelia's Got You Covered

Let's be honest: managing user authentication across your internal tools, dashboards, and applications is a chore. You've got your admin panels, your monitoring dashboards, your CI/CD interfaces—each one demanding a password. Then there's the whole multi-factor authentication (MFA) conversation. It's a security must-have, but rolling it out everywhere is a project in itself. What if you could secure it all behind a single, unified login that handles MFA for you?

Enter Authelia. It's an open-source authentication and authorization server that acts as a gatekeeper for your web applications. Think of it as your own internal, self-hosted single sign-on (SSO) portal with MFA baked right in. No more managing a dozen separate logins or skipping 2FA on that one internal tool because it was too much hassle to set up.

What It Does

In short, Authelia sits in front of your applications (like a reverse proxy) and intercepts requests. When a user tries to access anything you've protected, Authelia checks if they're logged in. If not, it presents a centralized login portal. Once authenticated (with their chosen second factor, like a TOTP app or a security key), they can seamlessly access all the connected apps without logging in again. It handles the session, the security policies, and the MFA enforcement, so your individual apps don't have to.

Why It's Cool

The beauty of Authelia is in its simplicity and power. You're not rewriting your apps; you're just putting a smart bouncer in front of them. It supports a range of second-factor methods out of the box—TOTP, WebAuthn for hardware keys, and even mobile push notifications via Duo. You can define access control rules with fine-grained detail (user X can access app Y but only from network Z).

It's also incredibly lightweight and built in Go, making it a breeze to run in containerized environments. The configuration is YAML-based and straightforward. You're not deploying a massive enterprise suite; you're deploying a focused tool that does one job exceptionally well: securing your homelab, your startup's internal stack, or your company's developer tools.

How to Try It

The quickest way to get a feel for Authelia is to check out their official documentation which includes detailed guides. For a hands-on test, the GitHub repository provides a compose example that lets you spin up a full demo environment with Docker Compose in minutes. It's the best way to see the login flow and admin interface without committing to a production setup.

  1. Clone the repo: git clone https://github.com/authelia/authelia
  2. Navigate to the compose example: cd aut

Did you like this issue?

Join our weekly newsletter

Related Projects

Love discovering amazing projects?

Help us continue bringing you the best open-source discoveries every week.

Back to Projects
Last updated: Dec 19, 2025