OFFA offers easy to use OpenID Federation Authentication and Authorisation for existing services. OFFA can be deployed along existing services and handle all OpenID Federation communication for your services.
OFFA implements Forward Authentication usable with Traefik, NGINX, Caddy, and maybe other reverse proxies.
OFFA also implements Auth MemCookie usable with Apache.
For more information please refer to the Documentation at https://go-oidfed.github.io/offa/
Configuration of OFFA is explained in details at https://go-oidfed.github.io/offa/config/.
Docker images are available at docker hub oidfed/offa.
This is currently a Proof of Concept, that still needs some improvements and tweaking.
The following is a list of TODOs:
- Query userinfo endpoint for user information in additional to id token.
- Show Home page with user information
- Also use this as the default redirect target if no
nextis given
- Also use this as the default redirect target if no
- Other things will probably be added with further testing
- The default port
15661represents the nameOFFAOis the 15th letter of the alphabet,Fthe sixth,Athe first
- The elements in the logo have a meaning:
- You might have noticed that OFFA sounds a lot like offer. The open hand offers the feather.
- The word
federationcontains the German wordFederwhich meansfeather. Therefore, the feather. - Putting it together: A hand offering a feather.
You do not have to use OFFA, it's just an offer.
