Api Security
Showing 34 of 106 projects
A FastAPI extension that provides authentication and authorization via dependencies.
A JWT authentication middleware for Go HTTP servers with short-lived auth tokens, refresh tokens, and CSRF protection.
A lightweight library for creating and verifying JSON Web Tokens (JWT) in Deno and browser environments.
A JavaScript library for generating OAuth 1.0a signatures compliant with RFC 5849 for Node.js and browser environments.
An Erlang library for implementing the server side of OAuth 2.0 authorization.
A comprehensive JSON Web Token (JWT) implementation for the Crystal programming language.
A Vapor middleware for adding federated authentication with OAuth providers to Swift server applications.
An open-source OAuth2 and OpenID Connect server for simple, secure authentication, built in Go.
A Symfony bundle for integrating Google reCAPTCHA v3 to protect forms and APIs from bots without user interaction.
A dependency-aware GraphQL API fuzzing tool that automatically generates and executes security tests based on schema introspection.
A token authentication library for Phoenix applications, designed for API authentication in single-page apps.
Automatic CSRF protection for JavaScript apps using Symfony APIs via cookie-header validation.
An Elixir implementation of the JSON Web Token (JWT) standard (RFC 7519) for secure authentication and data exchange.
A .NET implementation of Paseto (Platform-Agnostic Security Tokens) for secure token generation, validation, and key serialization.
A JWT authentication package for Laravel and Lumen with built-in security features and middleware.
A fast GraphQL discovery and fingerprinting toolbox for security testing and reconnaissance.
A C library for building OAuth 2.x and OpenID Connect servers and clients, with plugins for Apache and NGINX.
A SvelteKit example app demonstrating multiple authentication backend implementations with protected routes and API endpoints.
A minimalistic Go library for generating, parsing, and verifying HMAC SHA-256 JSON Web Tokens.
Cisco's comprehensive design guidelines for building consistent, secure, and RESTful network APIs.
A fast IDA Pro plugin that finds calls to insecure API functions in binaries to aid vulnerability research.
A curated list of OpenID Connect providers, libraries, resources, and specifications for implementing modern authentication.
A curated list of OpenID Connect providers, libraries, resources, and specifications for implementing modern authentication.
A Magento 2 module that adds configurable CORS headers to the GraphQL and REST APIs for headless applications.
A Vapor 3 middleware for rate limiting API requests by IP address and URL, returning HTTP 429 when limits are exceeded.
An open-source identity gateway that provides authentication, access control, and single sign-on for web and cloud applications.
Middleware-based authorization for Absinthe GraphQL powered by Bodyguard, providing authentication-agnostic access control.
A declarative authorization middleware for Prisma that operates at the model level to secure GraphQL APIs.
Rate limiting middleware for Vapor applications, restricting requests based on client identifiers like IP address.
A Go package that provides an ID type to prevent exposing internal numeric IDs to clients using HashIDs and JSON marshaling.
A modern Swift library for JOSE standards (JWT, JWS, JWE, SD-JWT) with first-class CryptoKit and secp256k1 support.
A Python library providing JWT authentication decorators for Flask-GraphQL applications.
OpenID Connect and OAuth 2.0 framework for ASP.NET Core (archived, superseded by Duende IdentityServer).
A CakePHP plugin for rate limiting API requests with configurable limits, client identification, and event-driven customization.
Related Tags
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.