The Authnomicon project is a reference implementation of various identity and access management (IAM) standards and protocols.
This project provides components that implement web-based authentication, session management, single sign-on (SSO) via OpenID and SAML, delegated authorization via OAuth, and provisioning via SCIM.
These components are implemented for Bixby.js, a dependency injection framework for Node.js applications. This allows the project to provide protocol endpoints independent of application-specific business logic. Business logic is injected into and driven by protocol implementations in accordance with hexagonal architecture.
The result is a fully-functional IAM system, where business logic components can be swapped out and replaced according to application-specific needs, while still leveraging the protocol implementations.
-
@authnomicon/prompts - Components to present prompts to the user in a web browser, as part of a challenge-response flow needed to obtain authentication and authorization.
-
@authnomicon/login - Components for prompting a user to log in, as well as authenticating using a password credential.
-
@authnomicon/federated - Components for federated identity operations (single sign-on (SSO), single logout (SLO), delegated authorization) with external identity providers (IDPs).
-
@authnomicon/oob - Components for out-of-band authentication, including email magic link and SMS one-time password (OTP).
- @authnomicon/session - Components for maintaining authentication context during a web-based login session.
-
@authnomicon/oauth2 - Components for building an OAuth 2.0 authorization server (AS) and providing authorization to third-party applications.
-
@authnomicon/openidconnect - Components for building an OpenID Connect provider (OP) and providing authentication to relying party (RP) applications.
- @authnomicon/postgresql - Components that provide data access and persistence for user profile information and credentials using PostgreSQL.