Show HN: Irongate – Serverless Auth on AWS

maltaro2 pts0 comments

GitHub - RobinSrimal/irongate: Serverless Auth on AWS · GitHub

/" data-turbo-transient="true" />

Skip to content

Search or jump to...

Search code, repositories, users, issues, pull requests...

-->

Search

Clear

Search syntax tips

Provide feedback

--><br>We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Cancel

Submit feedback

Saved searches

Use saved searches to filter your results more quickly

-->

Name

Query

To see all available qualifiers, see our documentation.

Cancel

Create saved search

Sign in

/;ref_cta:Sign up;ref_loc:header logged out"}"<br>Sign up

Appearance settings

Resetting focus

You signed in with another tab or window. Reload to refresh your session.<br>You signed out in another tab or window. Reload to refresh your session.<br>You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

{{ message }}

RobinSrimal

irongate

Public template

Notifications<br>You must be signed in to change notification settings

Fork

Star

master

BranchesTags

Go to file

CodeOpen more actions menu

Folders and files<br>NameNameLast commit message<br>Last commit date<br>Latest commit

History<br>525 Commits<br>525 Commits

assets

assets

design

design

docs

docs

infra

infra

packages

packages

scripts

scripts

.example.env

.example.env

.gitignore

.gitignore

AGENTS.md

AGENTS.md

LICENSE

LICENSE

README.md

README.md

auth.clients.toml

auth.clients.toml

package-lock.json

package-lock.json

package.json

package.json

sst.config.ts

sst.config.ts

tsconfig.json

tsconfig.json

View all files

Repository files navigation

Irongate is a serverless authentication template for AWS. It gives you a Rust-based auth core running on API Gateway, Lambda, and DynamoDB, deployed with SST.<br>It is meant for teams that want to own their auth layer without running servers or paying hosted-auth MAU pricing. You get a small, inspectable starting point that you can deploy, modify, and extend inside your own AWS account.

Getting Started

Create a new repository from this template, clone it, then run the setup script to rename the project:

npm run setup

After that, follow the setup docs one step at a time:

docs/setup/01-template-setup.md<br>docs/setup/02-aws-accounts-and-sst.md<br>docs/setup/03-stage-config.md<br>docs/setup/04-secrets.md<br>docs/setup/05-auth-clients.md<br>docs/setup/06-resend-email.md<br>docs/setup/09-deploy-auth-core.md

Provider and example setup:

docs/setup/07-google-login.md<br>docs/setup/08-apple-login.md<br>docs/setup/10-cloudflare-account.md<br>docs/setup/11-cloudflare-web-example.md<br>docs/setup/12-tauri-app-example.md

Operations:

docs/operations/smoke-test.md<br>docs/operations/local-signing-dev.md

Secret Boundary

The template deliberately separates local deploy credentials, runtime secrets, and reviewed<br>configuration:

.env: local-only tooling credentials, such as Cloudflare API token and account ID.

SST secrets: Irongate runtime secrets used by Lambda, such as Resend, HMAC lookup, signing, Google,<br>Apple, and confidential client secrets.

infra/shared/stage-config.ts: checked-in non-secret stage config.

auth.clients.toml: checked-in OAuth client definitions and secret reference names.

See docs/setup/04-secrets.md and docs/setup/10-cloudflare-account.md.

Design

Start with:

design/overview.md<br>design/functions/README.md<br>design/infra/README.md<br>design/examples/README.md

About

Serverless Auth on AWS

Topics

rust

aws

lambda

authentication

serverless

dynamodb

cloudflare

Resources

Readme

License

MIT license

Uh oh!

There was an error while loading. Please reload this page.

Activity

Stars

star

Watchers

watching

Forks

forks

Report repository

Contributors

Uh oh!

There was an error while loading. Please reload this page.

Languages

Rust<br>84.7%

TypeScript<br>10.5%

JavaScript<br>3.5%

Other<br>1.3%

You can’t perform that action at this time.

docs setup auth design readme json

Related Articles