authentik
Open-source identity provider
Open-source IdP with a flexible flow engine — self-host SSO, OIDC, SAML, and MFA, or run the enterprise edition.
At a glance
- Category
- Open-source identity provider
- Ownership
- Authentik Security (open source)
- Founded
- 2021 (Authentik Security)
- Deployment
- Self-hosted · Cloud · Hybrid
- Pricing
- Open source (self-hosted); paid enterprise edition
- Experience
- Developer-first
- Segments
- B2B SaaS · Public sector · Fintech
Overview
authentik is an open-source identity provider supporting SSO via OIDC, SAML, and LDAP, with a flexible flow/stage engine for custom login and enrollment journeys, MFA, and self-service. It is self-hostable and free, with a paid enterprise edition for support and advanced features. It suits teams wanting an open, customizable IdP.
Best for
Engineering teams that want an open-source, self-hostable IdP with highly customizable login and enrollment flows.
Consider alternatives if
You want a fully managed, zero-ops SaaS with vendor SLAs, or turnkey large-scale B2C consumer features out of the box.
Capabilities
- SSO (SAML / OIDC) ✓
- SCIM provisioning ✓
- Multi-factor auth ✓
- Passwordless / passkeys ✓
- Social login ✓
- Self-hosted option ✓
Capability flags are directional, for shortlisting — verify against current vendor documentation before a decision.
Strengths
- Open source with a flexible flow/stage engine
- Broad protocol support (OIDC, SAML, LDAP)
- Self-hosted, with a paid enterprise edition
- Active community and rapid development
Considerations
- Self-hosting carries operational responsibility
- Younger and smaller ecosystem than Keycloak
- Large-scale B2C features are less turnkey than dedicated CIAM SaaS
Related reading
This profile is editorial and independent. authentik's directory listing is free — no placement here is paid, and sponsorship never buys a better verdict. Our neutrality charter.
← All vendors