Specifications

This page details which specifications are implemented in Canaille, and compares Canaille with other well-known identity providers.

State of the specs in Canaille

OAuth2

OpenID Connect

SCIM

Canaille provides a basic SCIM server implementation.

Client-side implementation (i.e. broadcasting changes on users and groups among clients) and advanced features will be implemented in the future.

What’s implemented

Endpoints:

  • /Users (GET, POST)

  • /Users/<user_id> (GET, PUT, DELETE)

  • /Groups (GET, POST)

  • /Groups/<user_id> (GET, PUT, DELETE)

  • /ServiceProviderConfig (GET)

  • /Schemas (GET)

  • /Schemas/<schema_id> (GET)

  • /ResourceTypes (GET)

  • /ResourceTypes/<resource_type_id> (GET)

Features:

What is not implemented yet

Endpoints:

  • /Users (PATCH)

  • /Groups (PATCH)

  • /Me (GET, POST, PUT, PATCH, DELETE)

  • /Bulk (POST)

  • /.search (POST)

Features

Comparison with other providers

Here is a feature comparison with other OpenID Connect server software.

Canaille voluntarily only implements the OpenID Connect protocol to keep its codebase simple.

Software

Project

Protocols implementations

Backends

FLOSS

Language

LOC

OIDC

SAML

CAS

SCIM

LDAP

SQL

Canaille

Python

10k

🟠

Auth0

Authelia

Go

50k

Authentic2

Python

65k

Authentik

Go

55k

CAS

Java

360k

Connect2id

Gluu

Java

Hydra

Go

50k

Keycloak

Java

600k

LemonLDAP

Perl

130k

Okta