authelia/README.md

<p align="center">
  <img src="https://github.com/clems4ever/authelia/raw/master/images/authelia-title.png" width="350" title="Authelia">
</p>

  [![license](https://img.shields.io/badge/license-Apache%202.0-green.svg)][Apache 2.0]
  [![Build](https://travis-ci.org/clems4ever/authelia.svg?branch=master)](https://travis-ci.org/clems4ever/authelia)
  [![Known Vulnerabilities](https://snyk.io/test/github/clems4ever/authelia/badge.svg?targetFile=package.json)](https://snyk.io/test/github/clems4ever/authelia?targetFile=package.json)
  [![Gitter](https://img.shields.io/gitter/room/badges/shields.svg)](https://gitter.im/authelia/general?utm_source=share-link&utm_medium=link&utm_campaign=share-link)

**Authelia** is an open-source authentication and authorization server
providing 2-factor authentication and single sign-on (SSO) for your
applications via a web portal.
It acts as a companion of reverse proxies like [nginx] or [Traefik] by handling forwarded authentication and authorization requests.

    BREAKING NEWS: Authelia v4 release is coming soon! The new version is written in Go for reliability, performance and security improvements.
    It is currently available in beta in master.
    Please read AUTHELIA-V4.md if you want to migrate from v3 to v4. But note that the data model migration is not automated yet.


<p align="center">
  <img src="https://github.com/clems4ever/authelia/raw/master/images/authelia.logo.png" height="100"/>
  <img src="https://github.com/clems4ever/authelia/raw/master/images/plus.png" height="100"/>
  <img src="https://github.com/clems4ever/authelia/raw/master/images/nginx.logo.png" height="100"/>
  <img src="https://github.com/clems4ever/authelia/raw/master/images/traefik.logo.png" height="100"/>  
</p>

**Authelia** can be installed as a standalone service using Docker or NPM
but can also be deployed easily on [Kubernetes] leveraging ingress controllers and ingress configuration.

<p align="center">
  <img src="https://github.com/clems4ever/authelia/raw/master/images/kubernetes.logo.png" height="100"/>
  <img src="https://github.com/clems4ever/authelia/raw/master/images/docker.logo.png" width="100">
</p>

Here is what Authelia's portal looks like

<p align="center">
  <img src="https://github.com/clems4ever/authelia/raw/master/images/first_factor.png" width="400" />
  <img src="https://github.com/clems4ever/authelia/raw/master/images/use-another-method.png" width="400" />
</p>

## Features summary

Here is the list of the main available features:

* Several kind of second factor:
  * **[Security Key (U2F)](https://github.com/clems4ever/authelia/blob/master/docs/2factor/security-key.md)** with [Yubikey].
  * **[Time-based One-Time password](https://github.com/clems4ever/authelia/blob/master/docs/2factor/time-based-one-time-password.md)** with [Google Authenticator].
  * **[Mobile Push Notifications](https://github.com/clems4ever/authelia/blob/master/docs/2factor/duo-push-notifications.md)** with [Duo](https://duo.com/).
* Password reset with identity verification using email confirmation.
* Single-factor only authentication method available.
* Access restriction after too many authentication attempts.
* Fine-grained access control per subdomain, user, resource and network.
* Support of basic authentication for endpoints protected by single factor.
* Highly-available using distributed database and KV store.
* Compatible with Kubernetes [ingress-nginx](https://github.com/kubernetes/ingress-nginx) controller out of the box.

For more details about the features, follow [Features](https://github.com/clems4ever/authelia/blob/master/docs/features.md).

## Proxy support

Authelia works in combination with [nginx] or [Traefik] and soon with [HAProxy] as discussed in
[#271](https://github.com/clems4ever/authelia/issues/271). It can be deployed on bare metal with
Docker or directly in [Kubernetes].

<p align="center">
  <img src="https://github.com/clems4ever/authelia/raw/master/images/nginx.logo.png" height="50"/>
  <img src="https://github.com/clems4ever/authelia/raw/master/images/traefik.logo.png" height="50"/> 
  <img src="https://github.com/clems4ever/authelia/raw/master/images/kubernetes.logo.png" height="50"/> 
</p>

## Getting Started

You can start off with

    git clone https://github.com/clems4ever/authelia.git && cd authelia
    source bootstrap.sh

If you want to go further, please read [Getting Started](https://github.com/clems4ever/authelia/blob/master/docs/getting-started.md).

## Deployment

Now that you have tested **Authelia** and you want to try it out in your own infrastructure,
you can learn how to deploy and use it with [Deployment](https://github.com/clems4ever/authelia/blob/master/docs/deployment-production.md).
This guide will show you how to deploy it on bare metal as well as on
[Kubernetes](https://kubernetes.io/).

## Security

If you want more information about the security measures applied by
**Authelia** and some tips on how to set up **Authelia** in a secure way,
refer to [Security](https://github.com/clems4ever/authelia/blob/master/docs/security.md).

## Changelog & Breaking changes

See [CHANGELOG.md](https://github.com/clems4ever/authelia/blob/master/CHANGELOG.md) and [BREAKING.md](https://github.com/clems4ever/authelia/blob/master/BREAKING.md).

## Contribute

Anybody willing to contribute to the project either with code, 
documentation, security reviews or whatever, are very welcome to issue
or review pull requests and take part to discussions in
[Gitter](https://gitter.im/authelia/general?utm_source=share-link&utm_medium=link&utm_campaign=share-link).

I am very grateful to contributors for their contributions to the project. Don't hesitate be the next!

## Build Authelia

If you want to contribute with code, you should follow the documentation explaining how to [build](https://github.com/clems4ever/authelia/blob/master/docs/build-and-dev.md) the application.

## License

**Authelia** is **licensed** under the **[Apache 2.0]** license. The terms of the license are detailed
in [LICENSE](https://github.com/clems4ever/authelia/blob/master/LICENSE).


[Apache 2.0]: https://www.apache.org/licenses/LICENSE-2.0
[TOTP]: https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm
[Security Key]: https://www.yubico.com/about/background/fido/
[Yubikey]: https://www.yubico.com/products/yubikey-hardware/yubikey4/
[auth_request]: http://nginx.org/en/docs/http/ngx_http_auth_request_module.html
[Google Authenticator]: https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en
[config.template.yml]: https://github.com/clems4ever/authelia/blob/master/config.template.yml
[nginx]: https://www.nginx.com/
[Traefik]: https://traefik.io/
[HAproxy]: http://www.haproxy.org/
[Kubernetes]: https://kubernetes.io/
Refactor README into several documents unders docs directory. (#265) 2018-08-26 21:46:15 +00:00			`<p align="center">`
Sync README.md from GitHub to DockerHub after push-manifest 2019-11-09 18:42:36 +00:00			`<img src="https://github.com/clems4ever/authelia/raw/master/images/authelia-title.png" width="350" title="Authelia">`
Refactor README into several documents unders docs directory. (#265) 2018-08-26 21:46:15 +00:00			`</p>`
Adding build status to README and fix title in npm 2016-12-18 11:35:56 +00:00
Update README to mention nginx and Traefik and update images. 2019-04-17 21:02:10 +00:00			`[![license](https://img.shields.io/badge/license-Apache%202.0-green.svg)][Apache 2.0]`
Update the README with U2F support and new screenshots 2017-01-29 15:29:36 +00:00			`[![Build](https://travis-ci.org/clems4ever/authelia.svg?branch=master)](https://travis-ci.org/clems4ever/authelia)`
Add snyk badge. 2018-08-30 09:25:33 +00:00			`[![Known Vulnerabilities](https://snyk.io/test/github/clems4ever/authelia/badge.svg?targetFile=package.json)](https://snyk.io/test/github/clems4ever/authelia?targetFile=package.json)`
Add back gitter link instead of Slack. 2018-08-28 19:04:57 +00:00			`[![Gitter](https://img.shields.io/gitter/room/badges/shields.svg)](https://gitter.im/authelia/general?utm_source=share-link&utm_medium=link&utm_campaign=share-link)`
Adding README, LICENSE and CONTRIBUTORS files 2016-12-17 19:19:10 +00:00
Update the documentation to include information on Duo. 2019-03-24 17:45:32 +00:00			`Authelia is an open-source authentication and authorization server`
			`providing 2-factor authentication and single sign-on (SSO) for your`
Update README to mention nginx and Traefik and update images. 2019-04-17 21:02:10 +00:00			`applications via a web portal.`
			`It acts as a companion of reverse proxies like [nginx] or [Traefik] by handling forwarded authentication and authorization requests.`

Update README.md 2019-11-09 11:43:45 +00:00			`BREAKING NEWS: Authelia v4 release is coming soon! The new version is written in Go for reliability, performance and security improvements.`
			`It is currently available in beta in master.`
Add documentation on Authelia v4 in README and add a migration document. 2019-10-28 22:41:21 +00:00			`Please read AUTHELIA-V4.md if you want to migrate from v3 to v4. But note that the data model migration is not automated yet.`


Update README to mention nginx and Traefik and update images. 2019-04-17 21:02:10 +00:00			`<p align="center">`
Sync README.md from GitHub to DockerHub after push-manifest 2019-11-09 18:42:36 +00:00			`<img src="https://github.com/clems4ever/authelia/raw/master/images/authelia.logo.png" height="100"/>`
			`<img src="https://github.com/clems4ever/authelia/raw/master/images/plus.png" height="100"/>`
			`<img src="https://github.com/clems4ever/authelia/raw/master/images/nginx.logo.png" height="100"/>`
			`<img src="https://github.com/clems4ever/authelia/raw/master/images/traefik.logo.png" height="100"/>`
Update README to mention nginx and Traefik and update images. 2019-04-17 21:02:10 +00:00			`</p>`
Update README to mention kubernetes in the description Also add a link to the wiki. 2018-04-26 07:22:40 +00:00
Refactor README into several documents unders docs directory. (#265) 2018-08-26 21:46:15 +00:00			`Authelia can be installed as a standalone service using Docker or NPM`
Update README to mention nginx and Traefik and update images. 2019-04-17 21:02:10 +00:00			`but can also be deployed easily on [Kubernetes] leveraging ingress controllers and ingress configuration.`

			`<p align="center">`
Sync README.md from GitHub to DockerHub after push-manifest 2019-11-09 18:42:36 +00:00			`<img src="https://github.com/clems4ever/authelia/raw/master/images/kubernetes.logo.png" height="100"/>`
			`<img src="https://github.com/clems4ever/authelia/raw/master/images/docker.logo.png" width="100">`
Update README to mention nginx and Traefik and update images. 2019-04-17 21:02:10 +00:00			`</p>`

			`Here is what Authelia's portal looks like`
Update README to mention kubernetes in the description Also add a link to the wiki. 2018-04-26 07:22:40 +00:00
Refactor README into several documents unders docs directory. (#265) 2018-08-26 21:46:15 +00:00			`<p align="center">`
Sync README.md from GitHub to DockerHub after push-manifest 2019-11-09 18:42:36 +00:00			`<img src="https://github.com/clems4ever/authelia/raw/master/images/first_factor.png" width="400" />`
			`<img src="https://github.com/clems4ever/authelia/raw/master/images/use-another-method.png" width="400" />`
Refactor README into several documents unders docs directory. (#265) 2018-08-26 21:46:15 +00:00			`</p>`
Update the README with U2F support and new screenshots 2017-01-29 15:29:36 +00:00
Refactor README into several documents unders docs directory. (#265) 2018-08-26 21:46:15 +00:00			`## Features summary`
Update README with session management and add a table of contents 2017-07-13 22:52:07 +00:00
Refactor README into several documents unders docs directory. (#265) 2018-08-26 21:46:15 +00:00			`Here is the list of the main available features:`
Update README with session management and add a table of contents 2017-07-13 22:52:07 +00:00
Update the documentation to include information on Duo. 2019-03-24 17:45:32 +00:00			`* Several kind of second factor:`
Sync README.md from GitHub to DockerHub after push-manifest 2019-11-09 18:42:36 +00:00			`* [Security Key (U2F)](https://github.com/clems4ever/authelia/blob/master/docs/2factor/security-key.md) with [Yubikey].`
			`* [Time-based One-Time password](https://github.com/clems4ever/authelia/blob/master/docs/2factor/time-based-one-time-password.md) with [Google Authenticator].`
			`* [Mobile Push Notifications](https://github.com/clems4ever/authelia/blob/master/docs/2factor/duo-push-notifications.md) with [Duo](https://duo.com/).`
Update README to mention nginx and Traefik and update images. 2019-04-17 21:02:10 +00:00			`* Password reset with identity verification using email confirmation.`
Refactor README into several documents unders docs directory. (#265) 2018-08-26 21:46:15 +00:00			`* Single-factor only authentication method available.`
Update the README with U2F support and new screenshots 2017-01-29 15:29:36 +00:00			`* Access restriction after too many authentication attempts.`
Add network criteria in ACLs to specify policy based on network subnet. 2019-03-27 22:09:01 +00:00			`* Fine-grained access control per subdomain, user, resource and network.`
Update README to mention nginx and Traefik and update images. 2019-04-17 21:02:10 +00:00			`* Support of basic authentication for endpoints protected by single factor.`
			`* Highly-available using distributed database and KV store.`
			`* Compatible with Kubernetes [ingress-nginx](https://github.com/kubernetes/ingress-nginx) controller out of the box.`
Adding README, LICENSE and CONTRIBUTORS files 2016-12-17 19:19:10 +00:00
Sync README.md from GitHub to DockerHub after push-manifest 2019-11-09 18:42:36 +00:00			`For more details about the features, follow [Features](https://github.com/clems4ever/authelia/blob/master/docs/features.md).`
Update the README to take example environment changes and new deployment command into account 2017-06-29 09:51:52 +00:00
Update README to mention nginx and Traefik and update images. 2019-04-17 21:02:10 +00:00			`## Proxy support`

			`Authelia works in combination with [nginx] or [Traefik] and soon with [HAProxy] as discussed in`
			`[#271](https://github.com/clems4ever/authelia/issues/271). It can be deployed on bare metal with`
			`Docker or directly in [Kubernetes].`

			`<p align="center">`
Sync README.md from GitHub to DockerHub after push-manifest 2019-11-09 18:42:36 +00:00			`<img src="https://github.com/clems4ever/authelia/raw/master/images/nginx.logo.png" height="50"/>`
			`<img src="https://github.com/clems4ever/authelia/raw/master/images/traefik.logo.png" height="50"/>`
			`<img src="https://github.com/clems4ever/authelia/raw/master/images/kubernetes.logo.png" height="50"/>`
Update README to mention nginx and Traefik and update images. 2019-04-17 21:02:10 +00:00			`</p>`

Refactor README into several documents unders docs directory. (#265) 2018-08-26 21:46:15 +00:00			`## Getting Started`
Update the README with U2F support and new screenshots 2017-01-29 15:29:36 +00:00
[BREAKING] Create a suite for kubernetes tests. Authelia client uses hash router instead of browser router in order to work with Kubernetes nginx-ingress-controller. This is also better for users having old browsers. This commit is breaking because it requires to change the configuration of the proxy to include the # in the URL of the login portal. 2019-03-03 22:51:52 +00:00			`You can start off with`

Update README.md 2019-03-25 08:04:58 +00:00			`git clone https://github.com/clems4ever/authelia.git && cd authelia`
[BREAKING] Create a suite for kubernetes tests. Authelia client uses hash router instead of browser router in order to work with Kubernetes nginx-ingress-controller. This is also better for users having old browsers. This commit is breaking because it requires to change the configuration of the proxy to include the # in the URL of the login portal. 2019-03-03 22:51:52 +00:00			`source bootstrap.sh`

Sync README.md from GitHub to DockerHub after push-manifest 2019-11-09 18:42:36 +00:00			`If you want to go further, please read [Getting Started](https://github.com/clems4ever/authelia/blob/master/docs/getting-started.md).`
Add details on how to deploy Authelia in a dev environment. Also improve some part of the documentation. 2018-11-16 07:39:57 +00:00
			`## Deployment`

[BREAKING] Create a suite for kubernetes tests. Authelia client uses hash router instead of browser router in order to work with Kubernetes nginx-ingress-controller. This is also better for users having old browsers. This commit is breaking because it requires to change the configuration of the proxy to include the # in the URL of the login portal. 2019-03-03 22:51:52 +00:00			`Now that you have tested Authelia and you want to try it out in your own infrastructure,`
Sync README.md from GitHub to DockerHub after push-manifest 2019-11-09 18:42:36 +00:00			`you can learn how to deploy and use it with [Deployment](https://github.com/clems4ever/authelia/blob/master/docs/deployment-production.md).`
[BREAKING] Create a suite for kubernetes tests. Authelia client uses hash router instead of browser router in order to work with Kubernetes nginx-ingress-controller. This is also better for users having old browsers. This commit is breaking because it requires to change the configuration of the proxy to include the # in the URL of the login portal. 2019-03-03 22:51:52 +00:00			`This guide will show you how to deploy it on bare metal as well as on`
			`[Kubernetes](https://kubernetes.io/).`
Update README with session management and add a table of contents 2017-07-13 22:52:07 +00:00
Add notes on security measures deployed in Authelia in README 2017-10-15 15:57:12 +00:00			`## Security`

Refactor README into several documents unders docs directory. (#265) 2018-08-26 21:46:15 +00:00			`If you want more information about the security measures applied by`
			`Authelia and some tips on how to set up Authelia in a secure way,`
Sync README.md from GitHub to DockerHub after push-manifest 2019-11-09 18:42:36 +00:00			`refer to [Security](https://github.com/clems4ever/authelia/blob/master/docs/security.md).`
Add notes on security measures deployed in Authelia in README 2017-10-15 15:57:12 +00:00
Add a link to the breaking changes markdown in README. 2019-04-16 20:58:45 +00:00			`## Changelog & Breaking changes`
Update the README with U2F support and new screenshots 2017-01-29 15:29:36 +00:00
Sync README.md from GitHub to DockerHub after push-manifest 2019-11-09 18:42:36 +00:00			`See [CHANGELOG.md](https://github.com/clems4ever/authelia/blob/master/CHANGELOG.md) and [BREAKING.md](https://github.com/clems4ever/authelia/blob/master/BREAKING.md).`
Update README to mention kubernetes in the description Also add a link to the wiki. 2018-04-26 07:22:40 +00:00
Improve CONTRIBUTE section of the README. 2018-11-15 21:47:27 +00:00			`## Contribute`
Update the README with U2F support and new screenshots 2017-01-29 15:29:36 +00:00
Improve CONTRIBUTE section of the README. 2018-11-15 21:47:27 +00:00			`Anybody willing to contribute to the project either with code,`
			`documentation, security reviews or whatever, are very welcome to issue`
			`or review pull requests and take part to discussions in`
			`[Gitter](https://gitter.im/authelia/general?utm_source=share-link&utm_medium=link&utm_campaign=share-link).`

Sync README.md from GitHub to DockerHub after push-manifest 2019-11-09 18:42:36 +00:00			`I am very grateful to contributors for their contributions to the project. Don't hesitate be the next!`
Add details on how to deploy Authelia in a dev environment. Also improve some part of the documentation. 2018-11-16 07:39:57 +00:00
			`## Build Authelia`

Sync README.md from GitHub to DockerHub after push-manifest 2019-11-09 18:42:36 +00:00			`If you want to contribute with code, you should follow the documentation explaining how to [build](https://github.com/clems4ever/authelia/blob/master/docs/build-and-dev.md) the application.`
Adding README, LICENSE and CONTRIBUTORS files 2016-12-17 19:19:10 +00:00
			`## License`
Refactor README into several documents unders docs directory. (#265) 2018-08-26 21:46:15 +00:00
Change license from MIT to Apache 2.0. 2019-04-16 21:40:15 +00:00			`Authelia is licensed under the [Apache 2.0] license. The terms of the license are detailed`
Sync README.md from GitHub to DockerHub after push-manifest 2019-11-09 18:42:36 +00:00			`in [LICENSE](https://github.com/clems4ever/authelia/blob/master/LICENSE).`
Adding README, LICENSE and CONTRIBUTORS files 2016-12-17 19:19:10 +00:00

Change license from MIT to Apache 2.0. 2019-04-16 21:40:15 +00:00			`[Apache 2.0]: https://www.apache.org/licenses/LICENSE-2.0`
Update the README with U2F support and new screenshots 2017-01-29 15:29:36 +00:00			`[TOTP]: https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm`
Update the documentation to include information on Duo. 2019-03-24 17:45:32 +00:00			`[Security Key]: https://www.yubico.com/about/background/fido/`
Update the README with U2F support and new screenshots 2017-01-29 15:29:36 +00:00			`[Yubikey]: https://www.yubico.com/products/yubikey-hardware/yubikey4/`
Update the README to take example environment changes and new deployment command into account 2017-06-29 09:51:52 +00:00			`[auth_request]: http://nginx.org/en/docs/http/ngx_http_auth_request_module.html`
			`[Google Authenticator]: https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en`
Update README.md 2019-03-25 08:04:58 +00:00			`[config.template.yml]: https://github.com/clems4ever/authelia/blob/master/config.template.yml`
Update README to mention nginx and Traefik and update images. 2019-04-17 21:02:10 +00:00			`[nginx]: https://www.nginx.com/`
			`[Traefik]: https://traefik.io/`
			`[HAproxy]: http://www.haproxy.org/`
			`[Kubernetes]: https://kubernetes.io/`