mod_auth_openid is an authentication module for the Apache 2 webserver. It handles the functions of an OpenID consumer as specified in the OpenID 2.0 specification.
C++ Shell
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
acinclude.d got rid of openid20 branch, finalized 0.3.rc1 Jun 26, 2008
INSTALL moved source files to src directory Jan 5, 2012
README.markdown Update README.markdown Feb 5, 2015


This project is no longer actively maintained. If you'd like to take it over, email the author.

Basic Installation

First, you'll need a few prerequisites.

Next, run:



 ./configure --help

to see additional options that can be specified.

Next, run:

 su root
 make install

Make sure that the file /tmp/mod_auth_openid.db is owned by the user running Apache. You can do this by (assuming www-data is the user running apache):

 su root
 touch /tmp/mod_auth_openid.db
 chown www-data /tmp/mod_auth_openid.db

Or you can specify an alternate location that the user running apache has write privieges on (see the docs for the AuthOpenIDDBLocation directive on the homepage).


In either a Directory, Location, or File directive in httpd.conf, place the following directive:

 AuthType            OpenID
 Require             valid-user

There are also additional, optional directives. See the homepage for a list and docs.

The user's identity URL will be available in the REMOTE_USER cgi environment variable after authentication.

Usage with HTTP Basic

You can configure Apache's HTTP Basic mechanism ahead of mod_auth_openid, allowing a client to present either a valid Basic auth credential first or an OpenID credential second.

 AuthType               Basic
 AuthBasicAuthoritative Off
 AuthUserFile           .htpasswd

 AuthType               OpenID
 Require                valid-user

See the project page for more information.