Pocket ID
Pocket ID is a simple and clean OIDC provider that allows users to authenticate with passkeys. It uses SQLite for storage and runs as a single container. A lightweight alternative to Keycloak or Authentik for small teams that want passwordless login.
Services
pocket-id
ghcr.io/pocket-id/pocket-id:v2Pocket ID
A simple OIDC provider that supports passkey-based authentication. Lightweight, self-contained, and uses SQLite for storage.
First Login
On first visit, you will be prompted to create an admin account with a passkey. Your browser must support WebAuthn (all modern browsers do).
What You Can Do After Deployment
- Visit your domain — register your admin account using a passkey
- Create OIDC clients — set up applications that authenticate through Pocket ID
- Invite users — add users who can register their own passkeys
- Configure branding — customize the login page appearance
- Manage sessions — view and revoke active sessions
Key Features
- Passwordless login with passkeys (WebAuthn/FIDO2)
- Standard OIDC provider (works with any OIDC-compatible app)
- User and group management
- Customizable branding
- LDAP proxy support
- SQLite storage (no external database)
- Email notifications via SMTP
License
MIT — GitHub
Services