Authelia is an open-source authentication application which can be used for single sign-on and 2FA (two-factor authentication) for applications through a login portal.
Table of Contents
Main Features of Authelia
- Several kinds of second factor authentication:
- Password reset with identity verification using email confirmation.
- Single-factor only authentication method available.
- Access restriction after too many authentication attempts.
- Fine-grained access control per subdomain, user, resource and network.
- Support of basic authentication for endpoints protected by single factor.
Example of the Authelia Flow
Docker Compose Example
authelia: container_name: authelia image: authelia/authelia volumes: - C:\Docker\authelia\authelia\:/config environment: - 'TZ=America/New_York' networks: - default - authelia ports: - 9091:9091 restart: always redis: image: redis:alpine container_name: redis networks: - authelia volumes: - ./redis:/data ports: - 6379:6379 restart: always environment: - TZ=America/New_York
Authelia provides different configuration types depending on the required types of authentication and external dependencies. If used in a small scale for public services the Lite bundle should be fine. Take a look at the Authelia Github page for more information.
Authelia Reverse Proxy Setup
I use the LetsEncrypt Nginx Docker container which includes Authelia built in but needs to be enabled. Additional information for troubleshooting can be found on the Proxy Integration page maintained by Authelia.
Authelia provides additional security to any services or hosted applications which are public facing and might not provide its own login method or where a 2FA is needed. Installation requires no coding to integrate and is done with some basic configuration files and reverse proxy setup which is all covered in the documentation.