FreeIPA - Identity and Access Management for Linux

  •        1329

FreeIPA is an integrated Identity and Authentication solution for Linux/UNIX networked environments. A FreeIPA server provides centralized authentication, authorization and account information by storing data about user, groups, hosts and other objects necessary to manage the security aspects of a network of computers.

https://www.freeipa.org/
https://copr.fedoraproject.org/coprs/mkosek/freeipa/

Tags
Implementation
License
Platform

   




Related Projects

Apache Fortress - Identity and Access Management

  •    Java

Apache Fortress the open source identity and access management built on OpenLDAP. Fortress is designed to address complex authentication, authorization and auditing needs simply and easily. It helps to ensure strict adherence to current security standards while allowing for ease of installation and ongoing maintenance. A standards-based access management system, written in Java, that provides role-based access control, delegated administration and password policy services with LDAP.

Gluu Server - Identity and Access Management (IAM) platform

  •    Java

Gluu's open source authentication & API access management software for securing Web & mobile applications using open standards like SAML & OpenID Connect. Its features include Single Sign-On, Access Management, OAuth, Multi-Factor Authentication, LDAP Directory Integration, User Management and lot more.

Mandriva - Identity and Network Management

  •    C

Mandriva Directory Server is an enterprise directory platform based on LDAP designed to manage identities, access control informations, policies, application settings and user profiles. If you already use Samba, Postfix, Squid or CUPS, you can benefit from MDS today to manage your infrastructure.

keycloak - Open Source Identity and Access Management For Modern Applications and Services

  •    Java

Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code. Users authenticate with Keycloak rather than individual applications. This means that your applications don't have to deal with login forms, authenticating users, and storing users. Once logged-in to Keycloak, users don't have to login again to access a different application.

AMX Identity Management - An HR driven Identity and Access Management solution

  •    CSharp

Amx is an HR driven Identity and Access Management solution which can extract the identities from authoritative sources to find the joiners, movers and leavers, and transform them to a suitable format such that they can be used to load accounts into target resources such as the Active Directory, Exchange, LDAP, databases, Unix Systems, the Cloud etc. In its simplest form identity management is not an IT function and access management, which is, is a synchronisation process.


Syncope - Open Source Identity Management

  •    Java

Apache Syncope is an Open Source system for managing digital identities in enterprise environments. Identity management (or IdM) means to manage user data on systems and applications, using the combination of business processes and IT. IdM involves considering user attributes, roles, resources and entitlements. It provides access control on Who has access to What, When, How, and Why?

SSSD - System Security Services Daemon

  •    C

SSSD is a system daemon. Its primary function is to provide access to identity and authentication remote resource through a common framework that can provide caching and offline support to the system. It provides PAM and NSS modules, and in the future will D-BUS based interfaces for extended user information. It provides also a better database to store local users as well as extended user data.

hydra - OAuth2 server with OpenID Connect - cloud native, security-first, open source API security for your infrastructure

  •    Go

ORY Hydra is a hardened OAuth2 and OpenID Connect server optimized for low-latency, high throughput, and low resource consumption. ORY Hydra is not an identity provider (user sign up, user log in, password reset flow), but connects to your existing identity provider through a consent app. Implementing the consent app in a different language is easy, and exemplary consent apps (Go, Node) and SDKs (Go, Node) are provided.Besides mitigating various attack vectors, such as database compromisation and OAuth 2.0 weaknesses, ORY Hydra is able to securely manage JSON Web Keys, and has a sophisticated policy-based access control you can use if you want to. Click here to read more about security.

OpenAM - Authentication, Authorization and SSO

  •    Java

OpenAM provides open source Authentication, Authorization, Entitlement and Federation software. OpenAM provides core identity services to simplify the implementation of transparent single sign-on (SSO) as a security component in a network infrastructure. OpenAM provides the foundation for integrating diverse web applications that might typically operate against a disparate set of identity repositories and are hosted on a variety of platforms such as web and application servers.

Univention Corporate Server - Easy administration of your IT infrastructure

  •    C

Univention Corporate Server is a preconfigured, 100% open source Linux server and IT management system. It is free of charge and perfect for providing Microsoft Server-like services on the cloud or on the premises, to run and operate corporate IT environments with Windows- and Linux-based clients and to extend those environments with proven enterprise software, also either on the cloud or on the premises.

Harbor - An enterprise-class container registry server based on Docker Distribution

  •    Go

Project Harbor is an enterprise-class registry server that stores and distributes Docker images. It extends the open source Docker Distribution by adding the functionalities usually required by an enterprise, such as security, identity and management. As an enterprise private registry, Harbor offers better performance and security.

BrockAllen

  •    CSharp

As of 2017 MembershipReboot will no longer be maintained. It has served its purpose, and ASP.NET Identity has finally caught up (and surpassed) this library in terms of security and functionality. If you are interested in taking over maintenance, let me know. MembershipReboot is a user identity management and authentication library. It has nothing to do with the ASP.NET Membership Provider, but was inspired by it due to frustrations with the built-in ASP.NET Membership system. The goals are to improve upon and provide missing features from ASP.NET Membership. It is designed to encapsulate the important security logic while leaving most of the other aspects of account management either configurable or extensible for application developers to customize as needed.

dex - OpenID Connect Identity (OIDC) and OAuth 2.0 Provider with Pluggable Connectors

  •    Go

Dex is an identity service that uses OpenID Connect to drive authentication for other apps.Dex is NOT a user-management system, but acts as a portal to other identity providers through "connectors." This lets dex defer authentication to LDAP servers, SAML providers, or established identity providers like GitHub, Google, and Active Directory. Clients write their authentication logic once to talk to dex, then dex handles the protocols for a given backend.

midPoint - Identity Provisioning system

  •    Java

midPoint is an Identity Provisioning system. It is a comprehensive tool that synchronizes several identity repositories and databases, manages them and makes them available in a unified form. It belongs to the Identity Provisioning category of the Enterprise Identity Management field, however midPoint itself is not limited to the enterprise. It can work equally well also for cloud services, Internet portals, telcos and service providers and so on.

omniauth-identity - A simple login and password strategy for OmniAuth.

  •    Ruby

The OmniAuth Identity gem provides a way for applications to utilize a traditional login/password based authentication system without the need to give up the simple authentication flow provided by OmniAuth. Identity is designed on purpose to be as featureless as possible: it provides the basic construct for user management and then gets out of the way.Next, you need to create a model (called Identity by default) that will be able to persist the information provided by the user. Luckily for you, there are pre-built models for popular ORMs that make this dead simple.

microsoft-authentication-library-for-js - Microsoft Authentication Library (MSAL) Preview for JS

  •    Javascript

The MSAL library preview for JavaScript enables Single Page Applications to authenticate users with Microsoft Azure Active Directory (AAD) accounts, Microsoft accounts (MSA), accounts in social identity providers like Facebook, Google, LinkedIn etc. and get access to Microsoft Cloud services such as Microsoft Graph. The identity management services that the library interacts with are Microsoft Azure Active Directory, Microsoft Azure AD B2C and Microsoft Accounts.

identity - Login and OAuth management service for Heroku

  •    CSS

Based on the concept of web-based Heroku user management not belonging in the API over the long-term, Identity pulls session-based authentication out of API and provides a drop-in replacement for the Heroku OAuth API that OAuth clients can use instead.

mod_auth_openidc - OpenID Connect Relying Party and OAuth 2

  •    C

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. It can also function as an OAuth 2.0 Resource Server, validating OAuth 2.0 bearer access tokens presented by OAuth 2.0 Clients. This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party (RP) to an OpenID Connect Provider (OP). It authenticates users against an OpenID Connect Provider, receives user identity information from the OP in a so called ID Token and passes on the identity information (a.k.a. claims) in the ID Token to applications hosted and protected by the Apache web server.

Modular Access Control System

  •    Java

A modular, flexible and extensible Identity and Access Management system for integrated login, access and profile management across disparate security domains. Supports Apache, PAM, Webcrossing, XMLRPC and SOAP from C, Perl, and Java with more to come.