Please note: We take Eartho's security and our users' trust very seriously. If you believe you have found a security issue in Eartho, please responsibly disclose by contacting us at [email protected]
Eartho is an open-source sign-in alternative for users that prioritizes convenience & user privacy.
It offers a flexible, secure, and privacy-first alternative to traditional login providers like Google Sign-In, Apple, or Facebook.
Eartho ensures that users' personal data stays protected from Big Tech tracking, while developers benefit from a simple, easy-to-integrate solution.
Name | Auth0 | Clerk | Stack-Auth |
---|---|---|---|
Image | |||
Name | Supabase | Firebase | |
Image |
- Long-Term Data Ownership: Using major platforms for login often means surrendering control of your data indefinitely. Users want clarity on who owns their data and how it’s stored and managed over time.
- Fragmented Digital Identities: With accounts scattered across platforms like Google, Facebook, LinkedIn, and more, managing logins becomes complex. People need a unified, secure way to access apps without losing track of their identities.
- I don’t want to be forced to share my real identity: Some users prefer to log in with minimal details, without needing to disclose personal information like email, phone number, or full name.
- What happens to my accounts when I die? Many are concerned about the future of their digital identity. They want clear control over how their accounts are managed if they’re no longer around, protecting their digital legacy.
Ready and Available ✅
- Multi-Provider Authentication: Log in via Google, Facebook, Apple, GitHub, MetaMask, and more.
- Zero Tracking: No data tracking—user information remains private.
- Two-Factor Authentication (2FA): Secure logins with SMS, email, or authenticator apps.
- Recent Activity Review: Monitor and review account activity for unauthorized access.
- Self-Managed Login History: View, download, or delete login history to monitor and manage account access.
- Seamless Developer Integration: Quick setup with minimal code for easy logins.
In Progress 🚧
- End-to-End Encryption: Encrypt user data for enhanced security.
- Trusted Devices Management: Manage devices connected to your account.
- Session Management: Remotely log out from unrecognized devices.
- Security Alerts: Get real-time alerts for suspicious activity.
- Advanced Antifraud System: Detect and prevent fraudulent logins.
- Privacy Checkup: Review and adjust privacy settings.
- Data from Connected Apps: Manage permissions for apps connected to your account.
- Plan Your Digital Legacy: Set up account management for when you can no longer access it.
- Autofill Support: Autofill passwords and payment info for faster logins.
- Eartho Pay: Integrate payments securely alongside authentication.
- Customizable UI: Tailor Eartho’s login widget to fit your brand.
- Biometric Authentication: Fingerprint and facial recognition for secure access.
- Anonymous Login: Protect identities with anonymous access.
- Advanced Analytics Dashboard: Gain insights into account activity and data usage.
- Granular Privacy Controls: Set specific data permissions for apps.
- Multi-Account Management: Easily switch between multiple accounts.
- Enhanced Offline Access: Authenticate even without internet connectivity.
Future
- Browser Extension: Autofill, and more.
- Eartho One Tap: Users are prompted to create an account with a dialog that's inline with your app's content, so they're never taken out of context by a sign-up screen.
Eartho serves as a privacy-focused layer between users and major authentication providers like Google, Facebook, and others. When users log in using Eartho, they can still choose popular sign-in options such as Google Sign-In or Facebook Login, but with a critical difference: Big Tech companies will no longer have access to your users’ login services list.
By wrapping major sign-in services, Eartho provides the best of both worlds: the convenience of popular authentication providers and the security of true privacy for users, ensuring that no personal data leaks to third-party companies.
In today’s digital age, privacy is paramount. Most single sign-on (SSO) providers collect data from users and track their online activity. Eartho solves this problem by offering a sign-in solution that ensures users’ privacy remains intact.
Developers can integrate Eartho with a few lines of code and provide users with:
- Secure login options
- Control over what data they share and with whom
- A unified account management system with multiple login methods
- Protection from Big Tech tracking and surveillance
Eartho is built for developers who care about privacy and security, but don't want to compromise on ease of use.
Account Module:
- Next.js
- NextAuth(Auth.js)
- Oidc-Provider(Panva)
MyAccount Module:
- Next.js
- NextAuth(Auth.js) - Use Account Module as provider
Developers Module:
- Next.js
- NextAuth(Auth.js) - Use Account Module as provider
Infra:
- Database: Google Cloud Databases(Should be replaced)
- Cloud: Google Cloud Platform (GCP)
Enhance your app’s authentication with Eartho. It provides a privacy-first login experience that integrates easily into your existing system. With Eartho, you can offer users the convenience of popular sign-in options like Google, Facebook, Apple, and more—without compromising their privacy. We ensure that Big Tech companies can’t track your users or use their data against you.
- Privacy-First Authentication: Eartho acts as a layer of protection between your users and Big Tech, preventing data tracking while still allowing users to log in with familiar providers.
- Multiple Authentication Options: Give your users the freedom to log in with Google, Facebook, Apple, GitHub, or even MetaMask—while keeping their data private.
- Easy Integration: Eartho simplifies the development process for login, sign-up, and profile management pages. With just one line of code, you can integrate Eartho seamlessly into your app.
- No Migration Needed: Continue using existing authentication providers without the need to migrate users or disrupt their experience. Eartho enhances privacy while keeping everything intact.
- Advanced Security Features: Eartho comes with an advanced antifraud system, using on-device machine learning to verify user authenticity and prevent fraud.
Eartho offers two primary methods for integrating secure, privacy-first authentication into your application: via the OIDC Provider or by using the Eartho SDK. Choose the option that best fits your setup and requirements.
If your application already supports OpenID Connect (OIDC), integrating Eartho as an OIDC provider is a flexible, secure, and standards-compliant choice. This method is highly compatible with popular libraries and frameworks, making it easy to add Eartho to existing setups.
Using Eartho’s OIDC endpoints, you can seamlessly integrate with many popular libraries and frameworks, including:
- Auth.js - A versatile library for OAuth and OIDC providers.
- Keycloak - Open-source identity management, supporting SSO with Eartho.
- Auth0 - Universal authentication platform, configurable with Eartho as an OIDC provider.
- Passport.js - Middleware for Node.js supporting custom OIDC strategies like Eartho.
- Okta - Enterprise identity and access management platform with support for custom OIDC providers.
- Firebase Auth - Firebase's authentication service that can be configured to accept tokens from Eartho.
- Clerk - User management and authentication solution, compatible with custom OIDC providers like Eartho.
- SuperTokens - Open-source authentication library that supports integration with custom OIDC providers.
- Supabase - Open-source Firebase alternative with authentication that can be integrated with Eartho’s OIDC for added flexibility.
- StackAuth - A secure authentication solution that supports multiple providers, configurable with Eartho’s OIDC.
- Set the Issuer
Configure Eartho as your OIDC provider by setting the
issuer
andwellKnown
fields. This allows your app to retrieve Eartho’s OIDC configuration.issuer: "https://account.eartho.io" wellKnown: "https://account.eartho.io/.well-known/openid-configuration"
- Redirect URI Setup
Ensure your Eartho application is configured to recognize your app’s redirect URI, where Eartho will return authorization codes or tokens after authentication.
- Benefits of OIDC Integration
- Standardized Protocol: Provides a robust, industry-standard authentication approach.
- Enhanced Security: Leveraging Eartho’s secure OIDC flow minimizes unauthorized access.
- Compatibility: Integrates with other OIDC-compatible identity providers and authentication systems.
Eartho supports a wide range of authentication methods, allowing users to log in using their preferred provider while ensuring their privacy is maintained. Below are the supported authentication methods that users can choose from:
- Google: Log in with your Google account for seamless access.
- Apple: Use your Apple ID for secure and private authentication.
- Facebook: Sign in through Facebook while keeping your data private from Big Tech.
- Twitter (X): Authenticate with your Twitter (X) account and remain protected.
- GitHub: Ideal for developers logging in with their GitHub accounts.
- Email: Secure login via one-time password (OTP) sent to your email.
- SMS: Authenticate using a code sent directly to your phone via SMS.
- VK: Support for VK, a popular platform in Eastern Europe and Russia.
- Reddit: Login via Reddit for users active on the platform.
- Yandex: A secure login option through Yandex.
- MetaMask: For crypto enthusiasts, log in using your MetaMask wallet.
Eartho wraps these providers, acting as a privacy layer, which means your login process goes through Eartho. This ensures that while the authentication provider can verify your credentials, they don't gain access to your app activity or personal information—keeping your data safe and secure.
Eartho's system is organized into three main services, each with a unique purpose:
- Users log in through existing accounts (Google, Facebook, etc.) using OAuth2.
- Eartho then acts as an OIDC provider, offering a unified, privacy-focused login across supported apps without sharing data back to these providers.
- Allows users to manage their data, privacy settings, and linked accounts.
- Users have control over data storage, can view login history, and adjust privacy preferences.
- For developers to register their apps and integrate Eartho as a login option.
- Provides all setup details for easy app integration.
This structure keeps each service focused: Account Service for user login, MyAccount Service for data control, and Developer Service for app integration.
We welcome contributions from the open-source community! If you'd like to contribute to Eartho, please follow these steps:
- Fork the repository on GitHub.
- Create a new branch for your feature or fix:
git checkout -b feature/your-feature-name
- Make your changes and commit them with a meaningful message:
git commit -m "Add your feature or fix description"
- Push to your fork:
git push origin feature/your-feature-name
- Create a pull request from your branch into the main repository.
We also encourage you to review our Contributing Guide before submitting a pull request. Contributions can range from code improvements, documentation updates, or even bug reports. Every contribution helps make Eartho better for everyone!
Instructions Per Package
Instructions Per Package
Join our vibrant community of developers and privacy advocates who are helping to shape the future of Eartho! Here’s how you can get involved:
- Discord: Join our Discord community for real-time discussions, support, and collaboration with other developers.
- GitHub Discussions: Start or join a conversation in our GitHub Discussions to get help or suggest new features.
- Our Website: Follow us on Eartho for updates, news, and announcements.
Each package is licensed individually.
Server components are licensed under the AGPLv3, while client libraries and examples are provided under custom license license. For detailed information, please refer to the LICENSE files in each package.
Portions of this code are derived from projects licensed with MIT(Check LICENSE file to see the full license). Here are the copyrights and the license type:
- MIT License, Copyright (c) 2018 Auth0, Inc. [email protected] (http://auth0.com)
- MIT License, Copyright (c) 2020-present Cryptr
- MIT License, Copyright (c) 2020 Ville de Montréal
- ISC License, Copyright (c) 2022-2024, Balázs Orbán (Auth.js)
- MIT License, Copyright (c) 2018 Filip Skokan - Jose
- MIT License, Copyright (c) 2015 Filip Skokan https://github.com/panva/node-oidc-provider/blob/main/LICENSE.md
We're committed to being as transparent as possible. We use well-established, widely adopted open-source libraries that have been trusted by millions of developers. Our team has years of experience in the industry, and we’re dedicated to building a platform that puts users' privacy and security first.
We understand this is a new project, and we’re constantly improving. Our code is open for anyone to review, contribute to, or suggest improvements. While it’s early days for Eartho, our goal is to continually evolve and provide a safe, privacy-first solution for managing digital access.
Disclaimer: As this is a growing project, we’re always open to feedback and making things better over time.
Hey! I'm Dvir Daniel, the creator of Eartho. I've been working in the IT industry for almost 10 years as a software engineer. Eartho started as my personal project with the goal to offer a privacy-first, open-source alternative to Google Sign-In. Right now, it's just me and a few friends helping out here and there. It's still early days for the project, but we’re improving it step by step and being as transparent as possible. Excited to have you join us on this journey!
Eartho is designed with the user in mind, and not for developers, offering features like multiple identities, privacy-first payments, and the ability to plan your digital legacy. Unlike developer-focused tools, Eartho provides users with control over their access and personal data.
Developers add us as sign in option to their existing solution and they can can manage their users in Keycloak if they want. we are like Google/Facebook/Apple sign in
Big Tech may collect data as part of their larger ecosystem, but for Eartho, access and privacy are our mission. While for them it's just another piece of the puzzle, for us, it’s the focus. We’re committed to being more convenient and advanced when it comes to managing access, giving you full control over your data and logins. Being open-source means transparency, and with Eartho, you always know where your information is and how it's used.