Thanks to visit codestin.com
Credit goes to github.com

Skip to content

tinyrack-net/tinyauth

BranchesTags

Repository files navigation

TinyAuth

A lightweight, self-hosted OpenID Connect provider for modern applications.

CI npm server npm standalone License: MIT Node.js

Documentation · Configuration · 한국어

TinyAuth is a self-hosted OpenID Connect (OIDC) provider that gives your apps a standards-based login system without bringing in a full identity platform.

It supports OAuth2/OIDC authorization code flows, PKCE, password login, passkeys, TOTP, social login, and a customizable multilingual frontend. Run it as a standalone server, ship it with Docker, or embed the server package in your own Node.js application.

Features

  • OIDC/OAuth2 provider with authorization code flow, PKCE, discovery, token, userinfo, introspection, and revocation endpoints
  • Multiple sign-in methods including password, passkeys/WebAuthn, GitHub, Google, Apple, and generic OAuth/OIDC providers
  • Two-factor authentication with TOTP and passkey-based second factors
  • Config-driven deployment through a single YAML file
  • Customizable frontend with themes, branding, background images, language selection, and terms flows
  • Database support for SQLite and PostgreSQL
  • Standalone or embedded usage through Docker, the standalone CLI, or @tinyrack/tinyauth-server

Installation

Docker

docker run --rm \
  -p 8080:8080 \
  -v ./config.yaml:/opt/config.yaml \
  ghcr.io/tinyrack-net/tinyauth:latest

Standalone CLI

npm install -g @tinyrack/tinyauth-standalone
tinyauth serve --config-path ./config.yaml

Server package

Use the server package when you want to embed TinyAuth in your own Node.js runtime.

npm install @tinyrack/tinyauth-server

Quick Start

Create a minimal config.yaml:

app:
  host: http://localhost:8080
  port: 8080

security:
  session_secret: change-me-session-secret
  hash_secret: change-me-hash-secret

database:
  type: sqlite
  path: ./data.db

basic_authentication_methods:
  password:
    enabled: true
  passkey:
    enabled: true

Start TinyAuth:

docker run --rm \
  -p 8080:8080 \
  -v ./config.yaml:/opt/config.yaml \
  ghcr.io/tinyrack-net/tinyauth:latest

Verify the OIDC discovery endpoint:

curl http://localhost:8080/.well-known/openid-configuration

Examples

  • examples/clients/nextjs-ssr — Next.js OIDC client with server-side token handling
  • examples/clients/react-spa — React SPA using authorization code flow with PKCE
  • examples/servers/node-hono-sqlite — Hono + SQLite deployment using @tinyrack/tinyauth-server and the bundled frontend

Documentation

For configuration guides, client integration examples, deployment notes, and the API reference, visit the TinyAuth documentation site.

License

MIT

About

Lightweight self-hosted OpenID Connect (OIDC) provider with OAuth2, passkeys, 2FA, social login, and customizable UI

tinyauth.tinyrack.net

Topics

react docker oauth2 typescript authentication self-hosted totp sso openid-connect social-login oidc identity-provider 2fa fastify webauthn passkeys

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

15 tags

Packages

 
 
 

Contributors

Languages