🗂️ Navigation
📁 Identity & Access
📋 Directory Integration
🔧 Authentik

Authentik

The Open-Source Identity Provider.

Visit Website →

Overview

Authentik is an open-source Identity Provider (IdP) that offers a flexible and secure way to manage user identities and access. It integrates with existing environments through standard protocols like OAuth 2.0, SAML, and LDAP. A key feature of Authentik is its powerful visual flow engine, which allows administrators to create highly customizable authentication and enrollment policies. It is designed to be self-hosted, giving organizations full control over their identity infrastructure.

✨ Key Features

  • Identity Provider (Forward auth, SAML, OAuth2, OpenID)
  • Visual Policy & Flow Engine
  • Federation (LDAP, SCIM)
  • Multi-factor Authentication
  • Application Proxy
  • Recovery Keys

🎯 Key Differentiators

  • Powerful and intuitive visual flow engine for policies
  • Modern, container-native architecture
  • Integrated application proxy for legacy apps

Unique Value: Offers unparalleled flexibility in defining authentication policies through its visual flow engine, all within a free, open-source, self-hostable package.

🎯 Use Cases (4)

Providing single sign-on for self-hosted applications Creating complex, conditional authentication flows Securing access to internal services and APIs Replacing proprietary SSO solutions like Okta or Auth0 with a self-hosted alternative

✅ Best For

  • A home lab enthusiast using Authentik to provide SSO for all their personal services (Plex, Home Assistant, etc.).
  • A company using the flow engine to require MFA only for users accessing sensitive applications or those coming from untrusted networks.

💡 Check With Vendor

Verify these considerations match your specific requirements:

  • Organizations without the technical capability to deploy and maintain a containerized, self-hosted application.
  • Companies requiring official certifications like FedRAMP or HIPAA compliance out-of-the-box.

🏆 Alternatives

Keycloak Okta Authelia

Compared to Keycloak, Authentik's flow engine is often considered more powerful and intuitive for creating custom logic. It provides a much broader feature set than lighter-weight proxy solutions like Authelia.

💻 Platforms

On-Premises Software (Docker, Kubernetes)

🔌 Integrations

LDAP OAuth SAML SCIM Kubernetes (via Ingress)

🛟 Support Options

  • ✓ Email Support
  • ✓ Dedicated Support (Enterprise Support tier)

🔒 Compliance & Security

✓ GDPR ✓ SSO

💰 Pricing

Contact for pricing
Free Tier Available

Free tier: The software is free and open-source. A cloud service and enterprise support are available.

Visit Authentik Website →

🔄 Similar Tools in Directory Integration

Okta

Provides identity management services for enterprises, securing and connecting people to their appli...

Contact

Microsoft Entra ID

Microsoft's cloud-based identity and access management service, helping employees sign in and access...

$6.00/mo

JumpCloud

Unifies device management, identity, and access control into a single, cloud-based platform....

$2.00/mo

OneLogin

A cloud-based identity and access management (IAM) solution that provides SSO, MFA, and user provisi...

Contact

Ping Identity

Provides intelligent identity solutions for the enterprise, covering workforce, customer, and partne...

Contact

Rippling

A unified platform for HR, IT, and Finance that automates administrative work, including identity an...

$8.00/mo