An embeddable authentication system for Rust applications. Use as a library or deploy as a standalone OIDC provider. Same AuthClient trait either way.
Embed as a library or deploy as a standalone service. Consuming projects code against an AuthClient trait — flip between modes with a config change.
Authorization code flow with RS256 tokens and a JWKS endpoint. Google and GitHub providers built in. Account linking for users with multiple auth methods.
Authenticator app setup with QR codes and recovery codes. Enforced or optional per configuration. TOTP secrets encrypted at rest.
Accent color, custom fonts, splash screen, forced dark or light mode. Each application gets its own branded auth experience.
Async hooks for registration, login, password changes, and more. Integrate with your own notification, analytics, or provisioning systems.
Multi-tenant user grouping with configurable role-based permissions. No enforced hierarchy — define whatever role model fits your application.
[dependencies]
allowthem-core = "0.1"Wire auth into your Axum app with the trait.
impl AuthClient for MyApp {
// configure, authenticate, authorize
}Embedded mode runs in-process. Standalone is its own binary with admin UI.
$ cargo run --bin allowthemOne crate. Every auth feature you need.