whatisgithub

What is oaioidc?

wmn1525/oaioidc — explained in plain English

Analysis updated 2026-05-18

25PythonAudience · ops devopsComplexity · 3/5LicenseSetup · moderate

In one sentence

A lightweight self-hosted identity server that lets users log in once and access multiple internal apps using the OpenID Connect standard.

Mindmap

mindmap
  root((oaioidc))
    What it does
      Single sign-on server
      OpenID Connect provider
      Signed identity tokens
    Tech stack
      Python
      Flask
      SQLite
    Access control
      Registration codes
      Email domain restriction
      Admin dashboard
    Use cases
      Internal app SSO
      Small team identity server
    Audience
      Ops and DevOps

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Stand up single sign-on for a handful of internal tools without deploying a full enterprise identity platform.

USE CASE 2

Restrict new account registration to invite-only codes or a specific company email domain.

USE CASE 3

Let connected apps verify user identity with signed tokens fetched from a simple JWKS endpoint.

What is it built with?

PythonFlaskSQLiteDocker

How does it compare?

wmn1525/oaioidcarlandaren/proagentsaudietoffe/plasma-gpu-router
Stars252525
LanguagePythonPythonPython
Setup difficultymoderateeasyhard
Complexity3/51/53/5
Audienceops devopsvibe coderops devops

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · moderate Time to first run · 30min

No refresh token, userinfo endpoint, or multi-tenant support yet, intended for small internal deployments only.

Use freely for any purpose, including commercial use, as long as you keep the copyright notice.

So what is it?

OAIOIDC is a lightweight, self-hosted identity server that handles single sign-on for internal systems. It implements OpenID Connect (OIDC), a standard protocol that lets users log in once and access multiple connected applications without entering their credentials again. The project is aimed at small internal deployments where a full enterprise identity platform would be more than needed. The server is built in Python with Flask and stores all data in SQLite, making it straightforward to deploy on a single machine without setting up a separate database. It runs locally or in Docker and exposes the standard OIDC discovery endpoints that connected applications use to verify identities and fetch public signing keys. User registration is controlled through a CDK system. An administrator creates registration codes with a limited number of uses and distributes them to people who need accounts. Only someone with a valid code can register, which keeps the user base to a known set. Registration can also be restricted to a fixed email domain, so only addresses from a specific organization are accepted. Once a user registers and logs in, connected applications receive signed tokens (ID Token and Access Token) that confirm the user's identity. The tokens are signed with an RS256 key that the server generates automatically on first start. Applications verify these tokens using the public key exposed at the /jwks.json endpoint. An admin dashboard lets administrators manage registered applications, review audit logs, view users, and manage CDKs. The README notes that the server does not yet support refresh tokens, the userinfo endpoint, or multi-tenant deployments, and recommends a more complete identity platform for organizations that need those features. MIT licensed.

Copy-paste prompts

Prompt 1
Deploy oaioidc in Docker and generate a registration code so my team can create their first accounts.
Prompt 2
Configure oaioidc to only accept registrations from our company email domain.
Prompt 3
Show me how a connected application should verify an oaioidc ID token using the /jwks.json endpoint.
Prompt 4
Set up the oaioidc admin dashboard and walk me through reviewing audit logs and managing registered apps.

Frequently asked questions

What is oaioidc?

A lightweight self-hosted identity server that lets users log in once and access multiple internal apps using the OpenID Connect standard.

What language is oaioidc written in?

Mainly Python. The stack also includes Python, Flask, SQLite.

What license does oaioidc use?

Use freely for any purpose, including commercial use, as long as you keep the copyright notice.

How hard is oaioidc to set up?

Setup difficulty is rated moderate, with roughly 30min to a first successful run.

Who is oaioidc for?

Mainly ops devops.

Open on GitHub → Ask about another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.