Identity is the missing link that connects all your users, apps,
services, and devices to each other and the rest of the world.

We're building the definitive identity and access hub.
It's the only thing you'll need to connect everything.
And it's completely open source.

Fork on GitHub Chat on Gitter

Just a few of the OAuth providers Anvil Connect supports.

Single Sign-On

Using Anvil Connect, you can authenticate users with your choice of passwords or countless OAuth providers, right out of the box.

Go further and brand the interface with your own design. You can even employ a custom auth scheme. Use virtually any existing Passport.js strategy or your very own code.

Have more than one app? Your users get a seamless Single Sign-On experience with shared sessions.

Effortless OAuth

Apps today rely on all kinds of third party data, but integrating with so many OAuth providers can be a roadblock. With Anvil Connect, you just register with each provider you want to use, install one client library in your app, and start sending API requests.

Need to share data securely between your own loosely coupled apps and services? How about exposing it to other developers? Anvil Connect can issue stateless, signed JSON Web Tokens using simple two- and three-legged OAuth 2.0 flows.

Federated Identity

As you grow, you become the bedrock of an ecosystem. As a federated identity provider, other developers' apps can be authenticated with your users' accounts, extending the reach of your brand and offering incredible convenience to end users and customers.

Free and Open Source

Best of all, Anvil Connect is MIT licensed and 100% open source. You can start using it without breaking the bank, and you'll never have to worry about that SaaS company closing it's doors.

Critical Infrastructure

We recognize the fact that the impact of infrastructure is leveraged. Our work affects not only our software's direct users, but their users as well.

Business continuity and investments in development should never be in jeopardy because of a proprietary dependency. That's why we believe critical infrastructure must be free and open source.

Open Collaboration

Development of Anvil Connect is driven by the people who depend on it most.

There are lots of ways you can make a difference, like filing issues, contributing code, chatting on Gitter, joining weekly hangouts, blogging, tweeting, and even helping improve the docs (*cough*).

With open source, all things are possible and when we work together, everyone wins.


We're serious about open standards and interoperability. Anvil Connect works with any language, platform or framework that can talk HTTP and there are already scores of compatible libraries.

OAuth 2.0

Sharing passwords is unsafe. OAuth defines a set of authorization flows that let users securely delegate access to their accounts by third party software. OAuth's access tokens can also be used for client-server authentication where user consent isn't required.

OpenID Connect

This profile of OAuth 2.0 provides strong identity assurances using simple auth flows that work with browser, server, and mobile applications. The specification also supports discovery, dynamic registration, session management, and encryption.

JSON Web Tokens

Anvil Connect issues identity and access tokens as digitally signed JSON Web Tokens. Signatures provide an exceptionally trustworthy mechanism for verifying authenticity. And with their object payload, JWTs can carry everything needed to authorize an API request.

Get Started

Be sure to have Node.js, npm and Redis installed on your system. Check the documentation for more details.

$ npm install -g anvil-connect  # Install the Anvil Connect CLI
$ mkdir [PATH/TO/PROJECT]       # Make a directory for your new project
$ cd [PATH/TO/PROJECT]          # Change into the directory
$ nv init                       # Initialize your instance
$ npm install                   # Install dependencies
$ nv migrate                    # Initialize Redis (use a fresh instance)
$ nv signup                     # Create your first user account
$ nv assign <email> authority   # Give the new user privileges
$ node server.js                # Start the server