A Tigrbl Multi‑tenant OpenID‑Connect / OAuth2 Identity‑Provider server by Swarmauri.
Project description
Tigrbl Auth
Terminology
- Tenant – a namespace used to group related resources such as repositories or clients.
- Principal – an owner of resources, for example an individual user or an organization.
Auto Authn: Multi-Tenant OpenID Connect Provider
Auto Authn is an async, SQL-backed Identity Provider for OpenID Connect 1.0 and OAuth 2.1.
It provides per-tenant isolation and is designed to scale for SaaS deployments.
Features
- Per-tenant issuer URLs with isolated user and client tables.
- RSA-based JWT signing with helpers for key rotation.
- FastAPI and SQLAlchemy 2.0 async stack.
- OIDC discovery endpoints and JWKS generation.
- Configurable PostgreSQL or SQLite storage with optional Redis support.
Installation
pip install tigrbl_auth
Extras are available for common database drivers:
# PostgreSQL
pip install tigrbl_auth[postgres]
# SQLite
pip install tigrbl_auth[sqlite]
Quick Start
from tigrbl_auth.app import create_app
app = create_app()
The embedded surface_api exposes resource and flow operations for in-process usage via
namespaces like surface_api.core.User.create.
Check the documentation for detailed setup and configuration.
To run the API locally with Uvicorn:
uvicorn tigrbl_auth.app:app --reload
The service exposes an OpenID Connect discovery document at
/.well-known/openid-configuration and publishes its JSON Web Key Set at
/.well-known/jwks.json.
Configuration
Auto Authn reads settings from environment variables. Common options include:
PG_DSNor the combination ofPG_HOST,PG_PORT,PG_DB,PG_USER,PG_PASSfor database connectivity.REDIS_HOST,REDIS_PORT,REDIS_DB, andREDIS_PASSWORDfor Redis session storage (optional).JWT_SECRETfor token signing andLOG_LEVELto control logging verbosity.
Docker
A lightweight Dockerfile is provided. Build and run the service with:
docker build -t tigrbl-auth .
docker run -p 8000:8000 tigrbl-auth
Visit http://localhost:8000/docs to explore the interactive API documentation.
Contributing
Contributions are welcome! Please open an issue or submit a pull request to discuss improvements.
License
Apache-2.0
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file tigrbl_auth-0.3.0.dev2.tar.gz.
File metadata
- Download URL: tigrbl_auth-0.3.0.dev2.tar.gz
- Upload date:
- Size: 62.9 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.8.16
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
3073c0864d02636af19330935d0fba701535bf3dbd58d9bb85616f6c82e05666
|
|
| MD5 |
2941eb660cf9f449b76e1c13a13496ad
|
|
| BLAKE2b-256 |
b64850c93e86fcfb737553447168805ccfb838fda9ca44992acb28cf645a29ae
|
File details
Details for the file tigrbl_auth-0.3.0.dev2-py3-none-any.whl.
File metadata
- Download URL: tigrbl_auth-0.3.0.dev2-py3-none-any.whl
- Upload date:
- Size: 99.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.8.16
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
cb6c0244a8615342266d7b0959a8abfe5518cb1e43c78872fd3a76aae9b05dce
|
|
| MD5 |
41cbcc9ad08f69bdbe80fc31abec25e0
|
|
| BLAKE2b-256 |
e770cf8dc40045c9d06b4f6c3690d46cc786d51bd652b3be5b5c326067497229
|
