a12n is short for "authentication".
a12n-server is a simple authentication server that implements the OAuth2 and OpenID Connect standards.
Its goal is to create a fast, lightweight server that can be quickly deployed on both dev machines and
in production.
- Node.js 18.x
- MySQL, Postgres or Sqlite
Get a test server by running:
```sh
mkdir a12n-server && cd a12n-server
npx @curveball/a12n-server
```
This will automatically create a configuration file and sqlite database in the current directory.
Then, just open http://localhost:8531/ to create your admin account. See the Getting Started guide for other ways to run the server.
This project has been used in production since 2018 and is actively maintained.
Instead of rolling your own authentication system, you get A LOT of features for free 🪄:
The server supports core features such as:
- A User API that can be used to create, update, delete and list users.
- User registration, login, lost password.
- Multi-factor auth, including:
  - TOTP (Google Authenticator).
  - Email one-time passcodes.
  - Hardware key support (WebAuthn).
- Groups (roles) and permissions that can be assigned to users or groups.
- A browser-based admin interface.
- A REST API that can be traversed using a standard browser, as it spits out both JSON and HTML.
The server supports OAuth2 and OpenID Connect, with support for the following features and standards:
- Authorization code, client credentials, password and implicit grants.
- OAuth2 discovery document and OpenID Connect configuration endpoint.
- OAuth 2 Token Introspection.
- JSON Web Key Sets.
- OAuth2 Token Revocation.
- RFC 9068 - JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens.
- PKCE.
- OAuth 2.0 Multiple Response Type Encoding Practices.