Start with Identity
Open Source

Dex

Founded 2016Community project (CNCF, originally CoreOS)Open source (Apache 2.0, CNCF)Score 4/5Evaluated 2026-07-03Website ↗

Capability scores

Methodology →
Authentication
4.0
SSO & Federation
4.5
Authorization
2.5
Lifecycle & Provisioning
2.0
MFA & Passwordless
2.5
Governance & Audit
2.5
Developer Experience
4.0
Deployment Flexibility
4.5
Pricing Transparency
5.0
Support & Ecosystem
3.5

Scored 0–5 against a published rubric. Independent analysis, no vendor sponsorship.

Overview

Dex is an open-source OpenID Connect identity provider, now a CNCF project and originally from CoreOS. It acts as a federation layer, authenticating users against upstream identity sources through connectors and issuing OIDC tokens to applications.

What it is good at

Dex shines as a lightweight federation broker: connectors for LDAP, SAML, GitHub, Google, and more let it front many identity sources and present a single OIDC interface, which is why it is common in Kubernetes and internal platform authentication. It is simple, composable, and self-hostable.

Where it falls short

Dex is deliberately narrow. It is not a full IAM: no user store, admin UI, or governance, so teams needing those pair it with other tools or choose a broader platform.

Pricing

Free and open source (Apache 2.0, CNCF); self-hosted.

Best for, and who should look elsewhere

Choose Dex as an OIDC federation layer, especially for Kubernetes. Look elsewhere for a full IAM with user management (see Zitadel or Keycloak).

Bottom line

A focused, dependable OIDC federation broker, a staple of cloud-native authentication.

More Open Source vendors

All Open Source

By SWI Community Team · Last evaluated 2026-07-03

Independent, community-driven analysis. No vendor sponsorship. Compiled from public research and community input and verified on a best-effort basis, so details may be incomplete or out of date. Scores are opinions, not advice. Trademarks belong to their owners; mention does not imply affiliation or endorsement. See the full disclaimer, or send corrections to [email protected].