Zero-Ceremony Identity: Why I Built a Single-Binary OIDC Provider in Go

When I set out to build Auténtico , my primary goal was to create a fully-featured OpenID Connect Identity Provider where operational simplicity was the first-class design principle . Identity infrastructure is notoriously complex. A typical self-hosted setup involves a database server, a cache tier like Redis, a worker queue, and the identity service itself. When I needed a lightweight OpenID Connect (OIDC) server to run on a small 2GB RAM VPS, I realized the existing landscape was either operationally exhausting or structurally flawed for my specific needs. This is the story of how (and why) I built Auténtico , a self-contained, single-binary OIDC provider backed by SQLite that removes the ceremony from identity management. The Itch: Finding the Right Lightweight IdP My journey started because I was researching and implementing a frontend OIDC library for product needs at my company. That scratched an itch, and I evolved it into a functional backend OIDC protocol server in Go. Months