"The best authentication plugin for the Bukkit modding API!"
| Type | Badges |
|---|---|
| Code quality: |   |
| Jenkins CI: |   |
| Other CIs: |  |
Prevent username stealing on your server!
Use it to secure your Offline mode server or to increase your Online mode server's protection!
AuthMeReloaded disallows players who aren't authenticated to do actions like placing blocks, moving,
typing commands or using the inventory. It can also kick players with uncommonly long or short player names or kick players from banned countries.
With the Session Login feature, you don't have to execute the authentication command every time you connect to the server! Each command and every feature can be enabled or disabled from our well-structured configuration file.
You can also create your own translation file and, if you want, you can share it with us! :)
- E-Mail Recovery System!
- Username spoofing protection.
- Countries Whitelist/Blacklist! (country codes)
- Built-in AntiBot System!
- ForceLogin Feature: Admins can login with all account via console command!
- Avoid the "Logged in from another location" message!
- Two-factor (2FA) support!
- Session Login!
- Editable translations and messages!
- MySQL and SQLite Backend support!
- Supported password encryption algorithms: SHA256, ARGON2, BCRYPT, PBKDF2
- Supported alternative registration methods:
- PHPBB, VBulletin: PHPBB - MD5VB
- Xenforo: XFBCRYPT
- MyBB: MYBB
- IPB3: IPB3
- IPB4: IPB4
- PhpFusion: PHPFUSION
- Joomla: JOOMLA
- WBB3: WBB3*
- SHA512: SALTEDSHA512
- DoubleSaltedMD5: SALTED2MD5
- WordPress: WORDPRESS
- List of all supported hashes
- Custom MySQL tables/columns names (useful with forum databases)
- Cached database queries!
- Fully compatible with Citizens2, CombatTag, CombatTagPlus!
- Velocity proxy bridge for inter-server authentication.
- Compatible with Minecraft mods like BuildCraft or RedstoneCraft
- Graphical login/register dialogs, with optional Paper/Folia pre-join dialogs
- Restricted users (associate a username with an IP)
- Protect player's inventory until correct authentication (requires PacketEvents)
- Premium bypass: Mojang-account holders skip password auth (requires PacketEvents)
- Saves the quit location of the player
- Automatic database backup
- Available languages: translations
- Built-in deprecated FlatFile (auths.db) to SQL (authme.sql) converter!
- Import Auth+ accounts or migrate between SQLite and MySQL without losing AuthMe data.
AuthMe can display graphical login/register dialogs instead of chat-based prompts.
settings.registration.dialog.postJoin.enableenables the post-join dialog flow.settings.registration.dialog.preJoin.enableenables the pre-join dialog flow on Paper/Folia.- Both options are independent: you can enable either one, both, or neither.
- Pre-join dialogs currently require modern dialog-capable server versions such as Paper/Folia 1.21.11+.
- Verified premium players skip the pre-join dialog entirely when premium bypass is enabled.
AuthMe can let players with a legitimate Mojang account skip password authentication entirely. Identity is verified via a cryptographic handshake with Mojang's session server during the Minecraft login phase — no password prompt is ever shown.
- Enable with
settings.enablePremium: trueinconfig.yml. - Players opt in with
/premiumand out with/freemium(must be logged in). Admins can enrol or remove players with/authme premium <player>//authme freemium <player>. - Direct-connection (offline-mode, no proxy): requires PacketEvents 2.x. Without it, premium bypass is disabled at startup (fail-closed).
- Behind an online-mode proxy (Velocity / BungeeCord): the proxy authenticates with Mojang and forwards the verified UUID — no PacketEvents needed on the backend. Set
Hooks.bungeecord: trueon the backend. - Behind an offline-mode proxy: install
authme-velocityorauthme-bungeeon the proxy; premium players are authenticated per-player by the proxy and the verified UUID is forwarded to the backend. - Full documentation: docs/premium.md
- authme.player.* - for all user commands
- authme.admin.* - for all admin commands
- List of all permission nodes
- How to use the Auth+ converter
- Website integration
- Convert between database types (e.g. SQLite to MySQL):
/authme converter sqliteToSql
-
Support:
-
Dev resources:
<repositories> <repository> <id>codemc-repo</id> <url>https://repo.codemc.org/repository/maven-public/</url> </repository> </repositories> <dependencies> <dependency> <groupId>fr.xephi</groupId> <artifactId>authme-core</artifactId> <version>6.0.0-SNAPSHOT</version> <scope>provided</scope> </dependency> </dependencies>
-
Statistics:
- JDK 17+ for
authme-core,authme-tools, andauthme-spigot-legacy- JDK 21+ for the full multi-module build (
authme-bungee,authme-spigot-1.21,authme-paper-common,authme-paper,authme-folia,authme-velocity)- Maven (3.8.8+)
- Git/GitHub (Optional)
- Clone the project with Git/GitHub
- Execute command
mvn clean package- With JDK 17, Maven builds only the Java 17-compatible modules
- With JDK 21+, Maven builds the full reactor
- Build and tooling command reference: docs/build.md
- Use the jar matching your server platform/version
- Java 17+ for
AuthMe-*-Spigot-Legacy.jar(Spigot 1.16.x – 1.19.x)- Java 21+ for:
AuthMe-*-Bungee.jar(BungeeCord / Waterfall-compatible 1.19 API)AuthMe-*-Velocity.jar(Velocity 3.4+ proxy bridge)AuthMe-*-Spigot-1.21.jar(Spigot 1.20.x – 1.21.x)AuthMe-*-Paper.jar(Paper 1.21+)AuthMe-*-Folia.jar(Folia 1.21+)- PacketEvents 2.x (optional plugin; required for inventory protection, tab-complete blocking, and premium bypass)
Team members: developers, translators
Credits for the old version of the plugin: d4rkwarriors, fabe1337, Whoami2 and pomo4ka
Thanks also to: AS1LV3RN1NJA, Hoeze and eprimex
This product uses data from the GeoLite API created by MaxMind, available at https://www.maxmind.com