Specifications¶
This page details which specifications are implemented in Canaille, and compares Canaille with other well-known identity providers.
State of the specs in Canaille¶
OAuth2¶
❌ RFC7523: JWT Profile for OAuth 2.0 Client Authentication and Authorization Grants
✅ RFC7592: OAuth 2.0 Dynamic Client Registration Management Protocol
✅ RFC7636: Proof Key for Code Exchange by OAuth Public Clients
❌ RFC8705: OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens
❌ RFC9068: JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens
❌ RFC9101: OAuth 2.0 JWT-Secured Authorization Request (JAR)
❌ RFC9207: OAuth 2.0 Authorization Server Issuer Identification
OpenID Connect¶
SCIM¶
Comparison with other providers¶
Here is a feature comparison with other OpenID Connect server software.
Canaille voluntarily only implements the OpenID Connect protocol to keep its codebase simple.
Software |
Project |
Protocols implementations |
Backends |
||||||
---|---|---|---|---|---|---|---|---|---|
FLOSS |
Language |
LOC |
OIDC |
SAML |
CAS |
SCIM |
LDAP |
SQL |
|
Canaille |
✅ |
Python |
10k |
✅ |
❌ |
❌ |
❌ |
✅ |
✅ |
❌ |
❔ |
❔ |
✅ |
✅ |
❌ |
✅ |
✅ |
❔ |
|
✅ |
Go |
50k |
✅ |
❌ |
❌ |
❌ |
✅ |
✅ |
|
✅ |
Python |
65k |
✅ |
✅ |
✅ |
❌ |
✅ |
✅ |
|
✅ |
Python |
55k |
✅ |
✅ |
❌ |
✅ |
✅ |
✅ |
|
✅ |
Java |
360k |
✅ |
✅ |
✅ |
✅ |
✅ |
❌ |
|
❌ |
❔ |
❔ |
✅ |
✅ |
❌ |
❌ |
✅ |
✅ |
|
✅ |
Java |
❔ |
✅ |
✅ |
✅ |
✅ |
✅ |
❔ |
|
✅ |
Go |
50k |
✅ |
✅ |
❌ |
❌ |
✅ |
✅ |
|
✅ |
Java |
600k |
✅ |
✅ |
✅ |
✅ |
✅ |
✅ |
|
✅ |
Perl |
130k |
✅ |
✅ |
✅ |
❌ |
✅ |
✅ |
|
❌ |
❔ |
❔ |
✅ |
✅ |
❌ |
✅ |
✅ |
✅ |