Authelia

An open-source authentication and authorization server providing two-factor authentication (2FA) and single sign-on (SSO) for your applications via a web portal.

Default Credentials

• No default credentials — Authelia requires configuration before first use

What You Can Do After Deployment

1. Visit your domain — you will see the Authelia login portal
2. Configure authentication backends — set up LDAP or file-based user databases
3. Enable two-factor authentication — TOTP, WebAuthn, or Duo Security
4. Protect your services — integrate with reverse proxies (Traefik, Nginx, Caddy) to add SSO to any application
5. Set access control rules — define fine-grained policies per domain, resource, or user group
6. Enable password reset — configure SMTP for email-based password recovery

Key Features

• Single sign-on (SSO) portal
• Two-factor authentication (TOTP, WebAuthn, Duo)
• Fine-grained access control policies
• LDAP and file-based user backends
• OpenID Connect 1.0 provider
• Password reset via email
• Session management with SQLite, Redis, or PostgreSQL

Important Notes

Authelia stores session and configuration data in an embedded SQLite database by default. For production use, configure your authentication backend and access control rules via environment variables or a mounted configuration file.

License

Apache-2.0 — GitHub