mod_auth_openid is an authentication module for the Apache 2 webserver. It handles the functions of an OpenID consumer as specified in the OpenID 2.0 specification.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
acinclude.d got rid of openid20 branch, finalized 0.3.rc1 Jun 26, 2008
src Fixed typo reported by cdman Oct 22, 2013
AUTHORS updated README, moved new config args to site Apr 23, 2012
ChangeLog upated ChangeLog for new release 0.8 Oct 23, 2013
INSTALL moved source files to src directory Jan 5, 2012
README Added readme markdown Jan 16, 2011
README.markdown Update README.markdown Feb 5, 2015
UPGRADE updating trunk in preparation for next release Feb 23, 2009 moved source files to src directory Jan 5, 2012 bumped version to 0.8 as dev version, fixed formatting in readme Oct 23, 2013


This project is no longer actively maintained. If you'd like to take it over, email the author.

Basic Installation

First, you'll need a few prerequisites.

Next, run:



 ./configure --help

to see additional options that can be specified.

Next, run:

 su root
 make install

Make sure that the file /tmp/mod_auth_openid.db is owned by the user running Apache. You can do this by (assuming www-data is the user running apache):

 su root
 touch /tmp/mod_auth_openid.db
 chown www-data /tmp/mod_auth_openid.db

Or you can specify an alternate location that the user running apache has write privieges on (see the docs for the AuthOpenIDDBLocation directive on the homepage).


In either a Directory, Location, or File directive in httpd.conf, place the following directive:

 AuthType            OpenID
 Require             valid-user

There are also additional, optional directives. See the homepage for a list and docs.

The user's identity URL will be available in the REMOTE_USER cgi environment variable after authentication.

Usage with HTTP Basic

You can configure Apache's HTTP Basic mechanism ahead of mod_auth_openid, allowing a client to present either a valid Basic auth credential first or an OpenID credential second.

 AuthType               Basic
 AuthBasicAuthoritative Off
 AuthUserFile           .htpasswd

 AuthType               OpenID
 Require                valid-user

See the project page for more information.