Auther

Serverless authentication provider Developed in Go

Features

Resource Owner

• Create a Resource Owner
• Customise UI
• Create User Pools
• Login/Register
• Create Roles
• Configure scopes per role/user

Authorization Server

• Create an Authorization Server
• Link to Resource Owner
• Create Clients
• Custom Claims
• Configurable Token
  • JWT
  • JWE
  • Opaque
• Blacklist

RFCs

• 6749 - The OAuth 2.0 Authorization Framework

• 6750 - The OAuth 2.0 Authorization Framework: Bearer Token Usage

• 7009 - Oauth 2.0 Token Revocation

• 7515 - JSON Web Signature (JWS)

• 7516 - JSON Web Encryption (JWE)

• 7517 - JSON Web Key (JWK)

• 7518 - JSON Web Algorithms (JWA)

• 7519 - JSON Web Token (JWT)

• 7523 - JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants

• 7617 - The 'Basic' HTTP Authentication Scheme

• 7636 - Proof Key for Code Exchange by OAuth Public Clients

• 7638 - JSON Web Key (JWK) Thumbprint

• 7662 - Oauth 2.0 Token Introspection

• 7797 - JSON Web Signature (JWS) Unencoded Payload Option

• 8252 - OAuth 2.0 for Native Apps

• 8414 - OAuth 2.0 Authorization Server Metadata

• 8628 - OAuth 2.0 Device Authorization Grant

• 8693 - OAuth 2.0 Token Exchange

• 8725 - JSON Web Token Best Current Practices

• OpenID Connect Core 1.0 incorporating errata set 2

• OpenID Connect Discovery 1.0 incorporating errata set 2

• OpenID Connect Dynamic Client Registration 1.0 incorporating errata set 2

• OpenID Connect Session Management 1.0

Infrastructure

• Namecheap
• Cloudflare
• API Gateway
• Lambda
• S3
• DynamoDB