authlib alternatives and similar packages
Based on the "OAuth" category.
Alternatively, view authlib alternatives based on common mentions on social networks and blogs.
-
django-allauth
Integrated set of Django applications addressing authentication, registration, account management as well as 3rd party (social) account authentication. -
Authomatic
Simple yet powerful authorization / authentication client library for Python web applications.
Judoscale - Save 47% on cloud hosting with autoscaling that just works

* Code Quality Rankings and insights are calculated and provided by Lumnify.
They vary from L1 to L5 with "L5" being the highest.
Do you think we are missing an alternative of authlib or a related project?
README
Authlib
The ultimate Python library in building OAuth and OpenID Connect servers. JWS, JWK, JWA, JWT are included.
Authlib is compatible with Python3.6+.
Sponsors
If you want to quickly add secure token-based authentication to Python projects, feel free to check Auth0's Python SDK and free plan at auth0.com/developers. Kraken is the world's leading customer & culture platform for energy, water & broadband. Licensing enquiries at Kraken.tech. A blogging and podcast hosting platform with minimal design but powerful features. Host your blog and Podcast with Typlog.com.
Fund Authlib to access additional features
Features
Generic, spec-compliant implementation to build clients and providers:
- The OAuth 1.0 Protocol
- The OAuth 2.0 Authorization Framework
- RFC6749: The OAuth 2.0 Authorization Framework
- RFC6750: The OAuth 2.0 Authorization Framework: Bearer Token Usage
- RFC7009: OAuth 2.0 Token Revocation
- RFC7523: JWT Profile for OAuth 2.0 Client Authentication and Authorization Grants
- RFC7591: OAuth 2.0 Dynamic Client Registration Protocol
- [ ] RFC7592: OAuth 2.0 Dynamic Client Registration Management Protocol
- RFC7636: Proof Key for Code Exchange by OAuth Public Clients
- RFC7662: OAuth 2.0 Token Introspection
- RFC8414: OAuth 2.0 Authorization Server Metadata
- RFC8628: OAuth 2.0 Device Authorization Grant
- Javascript Object Signing and Encryption
- RFC7515: JSON Web Signature
- RFC7516: JSON Web Encryption
- RFC7517: JSON Web Key
- RFC7518: JSON Web Algorithms
- RFC7519: JSON Web Token
- RFC7638: JSON Web Key (JWK) Thumbprint
- [ ] RFC7797: JSON Web Signature (JWS) Unencoded Payload Option
- RFC8037: ECDH in JWS and JWE
- [ ] draft-madden-jose-ecdh-1pu-04: Public Key Authenticated Encryption for JOSE: ECDH-1PU
- OpenID Connect 1.0
- [x] OpenID Connect Core 1.0
- [x] OpenID Connect Discovery 1.0
Connect third party OAuth providers with Authlib built-in client integrations:
Build your own OAuth 1.0, OAuth 2.0, and OpenID Connect providers:
- Flask
- Django
Useful Links
- Homepage: https://authlib.org/.
- Documentation: https://docs.authlib.org/.
- Purchase Commercial License: https://authlib.org/plans.
- Blog: https://blog.authlib.org/.
- Twitter: https://twitter.com/authlib.
- StackOverflow: https://stackoverflow.com/questions/tagged/authlib.
- Other Repositories: https://github.com/authlib.
- Subscribe Tidelift: https://tidelift.com/subscription/pkg/pypi-authlib.
Security Reporting
If you found security bugs, please do not send a public issue or patch. You can send me email at [email protected]. Attachment with patch is welcome. My PGP Key fingerprint is:
72F8 E895 A70C EBDF 4F2A DFE0 7E55 E3E0 118B 2B4C
Or, you can use the Tidelift security contact. Tidelift will coordinate the fix and disclosure.
License
Authlib offers two licenses:
- BSD (LICENSE)
- COMMERCIAL-LICENSE
Companies can purchase a commercial license at Authlib Plans.
If your company is creating a closed source OAuth provider, it is strongly suggested that your company purchasing a commercial license.
Support
If you need any help, you can always ask questions on StackOverflow with a tag of "Authlib". DO NOT ASK HELP IN GITHUB ISSUES.
We also provide commercial consulting and supports. You can find more information at https://authlib.org/support.
*Note that all licence references and agreements mentioned in the authlib README section above
are relevant to that project's source code only.