Exploration · open source

Kotauth

A self-hosted, container-native OAuth2/OIDC identity platform.

Kotlin · OAuth2/OIDC · Hexagonal · Docker

Role
Sole author. Architecture and implementation.
Problem
Teams get stuck choosing between heavyweight enterprise IAM like Keycloak and closed SaaS like Auth0 or Clerk. Kotauth aims for a self-hostable middle ground with full OAuth2/OIDC compliance.
Approach
Designed with a hexagonal architecture (ports and adapters) that isolates domain logic from frameworks, documented in 15+ ADRs. It includes multi-tenant workspaces with per-tenant RS256 keys, RBAC with composite roles, TOTP and MFA, social login, an immutable HMAC-chained audit log, and HMAC-signed webhooks, all exposed through a 30+ endpoint REST API with OpenAPI and a one-command Docker deployment.
Stack
Kotlin, Ktor, Exposed, PostgreSQL, Redis, Flyway, JWT, Testcontainers, Playwright, Docker.