Security News > 2024 > May > Authelia: Open-source authentication and authorization server

Authelia: Open-source authentication and authorization server
2024-05-22 04:30

Authelia is an open-source authentication and authorization server that offers 2FA and SSO for applications through a web portal.

Authelia connects directly to the reverse proxy but never to the application backends.

As a result, the protected APIs can be REST, GraphQL, or any other type of API over HTTP. Authelia features.

The development process for Authelia aims to forego implementations in instances where the security implications are questionable.

The tool supports hardware-based second factors for additional security using FIDO2 WebAuthn-compatible security keys, such as YubiKeys.

"We're also looking to the future regarding security and privacy of our implementation by slowly adding the Financial-grade API aspects to Authelia such as RFC9126 Pushed Authorization Requests which is already implemented. The Financial-grade API appears in most situations to be a sensible set of security defaults and helpful features that improve security and privacy and fits well into the goals of Authelia," Elliott said.


News URL

https://www.helpnetsecurity.com/2024/05/22/authelia-open-source-authentication-authorization-server/