OAuth2 / OIDC Compliant
Authorization Code + PKCE, Client Credentials, refresh token rotation, token introspection and revocation. Fully spec-compliant.
Multi-Tenant
Isolated workspaces — each with their own users, applications, signing keys, and SMTP config. One instance, many products.
REST API
30+ endpoints for managing users, roles, groups, sessions, and audit logs. API key authentication with fine-grained scopes.
Docker Native
Single container, auto-migrations, minimal config. Run locally in under two minutes. Production-ready behind a reverse proxy.
RBAC + Groups
Roles, hierarchical groups, composite role inheritance. JWT claims include realm_access and resource_access out of the box.
MFA & Social Login
TOTP (RFC 6238) with recovery codes and per-tenant policy. Google and GitHub social login with automatic account linking.