# Introduction

**Production-ready OAuth 2.0 Server and OpenID Connect 1.0 Provider**

Authority is a complete authentication infrastructure built with Crystal, featuring enterprise-grade security and a modern admin dashboard.

## Quick Start

Get Authority running in 5 minutes:

```bash
# Clone the repository
git clone https://github.com/azutoolkit/authority.git
cd authority

# Start with Docker
docker-compose up -d

# Visit http://localhost:4000
```

See [Quick Start Tutorial](https://azutopia.gitbook.io/authority/tutorials/quick-start) for a complete walkthrough.

## Key Features

| Category           | Features                                                                  |
| ------------------ | ------------------------------------------------------------------------- |
| **OAuth 2.0**      | Authorization Code, PKCE, Client Credentials, Device Flow, Refresh Tokens |
| **OpenID Connect** | ID Tokens, UserInfo, Discovery, JWKS                                      |
| **Security**       | MFA/TOTP, Account Lockout, Password Policies, Audit Logging               |
| **Admin**          | Client Management, User Management, Scope Configuration, Settings         |

## Documentation Overview

This documentation is organized using the [Diátaxis framework](https://diataxis.fr/):

### [Tutorials](https://azutopia.gitbook.io/authority/tutorials/tutorials)

Step-by-step guides for learning Authority:

* [Quick Start](https://azutopia.gitbook.io/authority/tutorials/quick-start) - Get running in 5 minutes
* [First OAuth Integration](https://azutopia.gitbook.io/authority/tutorials/first-oauth-integration) - Build your first OAuth app
* [Protect Your API](https://azutopia.gitbook.io/authority/tutorials/protect-your-api) - Secure your endpoints
* [Add User Authentication](https://azutopia.gitbook.io/authority/tutorials/add-user-authentication) - Implement login flows

### [How-To Guides](https://azutopia.gitbook.io/authority/how-to-guides/docker)

Task-oriented guides for specific goals:

* [Installation](https://azutopia.gitbook.io/authority/how-to-guides/docker) - Docker, source, Kubernetes
* [Configuration](https://azutopia.gitbook.io/authority/how-to-guides/environment-variables) - Environment setup
* [Security](https://azutopia.gitbook.io/authority/how-to-guides/enable-mfa) - MFA, lockout, passwords
* [OAuth Clients](https://azutopia.gitbook.io/authority/how-to-guides/register-client) - Client management

### [Reference](https://azutopia.gitbook.io/authority/reference/oauth2)

Technical specifications and API documentation:

* [OAuth 2.0 Flows](https://azutopia.gitbook.io/authority/reference/oauth2) - Grant type specifications
* [OpenID Connect](https://azutopia.gitbook.io/authority/reference/openid-connect) - OIDC endpoints
* [API Endpoints](https://azutopia.gitbook.io/authority/reference/endpoints) - Complete API reference
* [Configuration](https://azutopia.gitbook.io/authority/reference/all-options) - All settings

### [Explanation](https://azutopia.gitbook.io/authority/explanation/architecture)

Understanding concepts and architecture:

* [Architecture](https://azutopia.gitbook.io/authority/explanation/architecture) - System design
* [OAuth 2.0 Concepts](https://azutopia.gitbook.io/authority/explanation/oauth2-concepts) - Protocol fundamentals
* [Security Model](https://azutopia.gitbook.io/authority/explanation/security-model) - Security architecture
* [Choosing Grant Types](https://azutopia.gitbook.io/authority/explanation/grant-type-selection) - Decision guide

## Standards Compliance

Authority implements these specifications:

* [RFC 6749](https://tools.ietf.org/html/rfc6749) - OAuth 2.0 Authorization Framework
* [RFC 6750](https://tools.ietf.org/html/rfc6750) - Bearer Token Usage
* [RFC 7519](https://tools.ietf.org/html/rfc7519) - JSON Web Token (JWT)
* [RFC 7636](https://tools.ietf.org/html/rfc7636) - Proof Key for Code Exchange (PKCE)
* [RFC 7662](https://tools.ietf.org/html/rfc7662) - Token Introspection
* [RFC 7009](https://tools.ietf.org/html/rfc7009) - Token Revocation
* [RFC 8628](https://tools.ietf.org/html/rfc8628) - Device Authorization Grant
* [OpenID Connect Core 1.0](https://openid.net/specs/openid-connect-core-1_0.html)

## Technology Stack

| Component     | Technology                 |
| ------------- | -------------------------- |
| Language      | Crystal                    |
| Web Framework | Azu                        |
| Database      | PostgreSQL                 |
| Templating    | Crinja (Jinja2-compatible) |
| Caching       | Redis (optional)           |

## Screenshots

![Landing Page](https://994706697-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FlOWXZIZjvh1Ih2caxSvI%2Fuploads%2Fgit-blob-0e196e6ece06e42ccb7a52cbe24b3c5c77a6e579%2Flanding-page.gif?alt=media)

![Admin Dashboard](https://994706697-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FlOWXZIZjvh1Ih2caxSvI%2Fuploads%2Fgit-blob-7e6d44d6b7eaae2061d5d8d1f7c5f404a6916986%2Fadmin-clients.gif?alt=media)
