keycloak - Open Source Identity and Access Management For Modern Applications and Services

  •        474

Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code. Users authenticate with Keycloak rather than individual applications. This means that your applications don't have to deal with login forms, authenticating users, and storing users. Once logged-in to Keycloak, users don't have to login again to access a different application.

Keycloak can also authenticate users with existing OpenID Connect or SAML 2.0 Identity Providers. Again, this is just a matter of configuring the Identity Provider through the admin console.

http://www.keycloak.org
https://github.com/keycloak/keycloak
http://keycloak.org

Tags
Implementation
License
Platform

   




Related Projects

Apache Fortress - Identity and Access Management

  •    Java

Apache Fortress the open source identity and access management built on OpenLDAP. Fortress is designed to address complex authentication, authorization and auditing needs simply and easily. It helps to ensure strict adherence to current security standards while allowing for ease of installation and ongoing maintenance. A standards-based access management system, written in Java, that provides role-based access control, delegated administration and password policy services with LDAP.

Gluu Server - Identity and Access Management (IAM) platform

  •    Java

Gluu's open source authentication & API access management software for securing Web & mobile applications using open standards like SAML & OpenID Connect. Its features include Single Sign-On, Access Management, OAuth, Multi-Factor Authentication, LDAP Directory Integration, User Management and lot more.

Mandriva - Identity and Network Management

  •    C

Mandriva Directory Server is an enterprise directory platform based on LDAP designed to manage identities, access control informations, policies, application settings and user profiles. If you already use Samba, Postfix, Squid or CUPS, you can benefit from MDS today to manage your infrastructure.

AMX Identity Management - An HR driven Identity and Access Management solution

  •    CSharp

Amx is an HR driven Identity and Access Management solution which can extract the identities from authoritative sources to find the joiners, movers and leavers, and transform them to a suitable format such that they can be used to load accounts into target resources such as the Active Directory, Exchange, LDAP, databases, Unix Systems, the Cloud etc. In its simplest form identity management is not an IT function and access management, which is, is a synchronisation process.

Syncope - Open Source Identity Management

  •    Java

Apache Syncope is an Open Source system for managing digital identities in enterprise environments. Identity management (or IdM) means to manage user data on systems and applications, using the combination of business processes and IT. IdM involves considering user attributes, roles, resources and entitlements. It provides access control on Who has access to What, When, How, and Why?


Univention Corporate Server - Easy administration of your IT infrastructure

  •    C

Univention Corporate Server is a preconfigured, 100% open source Linux server and IT management system. It is free of charge and perfect for providing Microsoft Server-like services on the cloud or on the premises, to run and operate corporate IT environments with Windows- and Linux-based clients and to extend those environments with proven enterprise software, also either on the cloud or on the premises.

Harbor - An enterprise-class container registry server based on Docker Distribution

  •    Go

Project Harbor is an enterprise-class registry server that stores and distributes Docker images. It extends the open source Docker Distribution by adding the functionalities usually required by an enterprise, such as security, identity and management. As an enterprise private registry, Harbor offers better performance and security.

FreeIPA - Identity and Access Management for Linux

  •    C

FreeIPA is an integrated Identity and Authentication solution for Linux/UNIX networked environments. A FreeIPA server provides centralized authentication, authorization and account information by storing data about user, groups, hosts and other objects necessary to manage the security aspects of a network of computers.

389 Directory Server - Powerful OpenSource LDAP

  •    C

The enterprise-class Open Source LDAP server for Linux. It is hardened by real-world use, is full-featured, supports multi-master replication, and already handles many of the largest LDAP deployments in the world. OpenLDAP and Fedora Directory Server were both derived from the original University of Michigan slapd project. In 1996 the original developers of slapd became Netscape employees and developed Netscape Directory Server, which is now Fedora Directory Server.

OpenLdap - Implementation of the Lightweight Directory Access Protocol (LDAP)

  •    C

OpenLDAP Software is an open source implementation of the Lightweight Directory Access Protocol. The OpenLDAP Project was started in 1998 by Kurt Zeilenga. The project started by cloning the LDAP reference source from the University Of Michigan where a long-running project had supported development and evolution of the LDAP protocol.

SSSD - System Security Services Daemon

  •    C

SSSD is a system daemon. Its primary function is to provide access to identity and authentication remote resource through a common framework that can provide caching and offline support to the system. It provides PAM and NSS modules, and in the future will D-BUS based interfaces for extended user information. It provides also a better database to store local users as well as extended user data.

dex - OpenID Connect Identity (OIDC) and OAuth 2.0 Provider with Pluggable Connectors

  •    Go

Dex is an identity service that uses OpenID Connect to drive authentication for other apps.Dex is NOT a user-management system, but acts as a portal to other identity providers through "connectors." This lets dex defer authentication to LDAP servers, SAML providers, or established identity providers like GitHub, Google, and Active Directory. Clients write their authentication logic once to talk to dex, then dex handles the protocols for a given backend.

Modular Access Control System

  •    Java

A modular, flexible and extensible Identity and Access Management system for integrated login, access and profile management across disparate security domains. Supports Apache, PAM, Webcrossing, XMLRPC and SOAP from C, Perl, and Java with more to come.

OpenDS - Next generation Directory Service

  •    Java

OpenDS is an community project, building a free and comprehensive next generation directory service. OpenDS is designed to address large deployments, to provide high performance, to be highly extensible, and to be easy to deploy, manage and monitor. The OpenDS directory service will ultimately include not just the Directory Server, but also other essential directory-related services like directory proxy, virtual directory, namespace distribution and data synchronization.

midPoint - Identity Provisioning system

  •    Java

midPoint is an Identity Provisioning system. It is a comprehensive tool that synchronizes several identity repositories and databases, manages them and makes them available in a unified form. It belongs to the Identity Provisioning category of the Enterprise Identity Management field, however midPoint itself is not limited to the enterprise. It can work equally well also for cloud services, Internet portals, telcos and service providers and so on.

harbor - An open source trusted cloud native registry project that stores, signs, and scans content.

  •    Go

Note: The master branch may be in an unstable or even broken state during development. Please use releases instead of the master branch in order to get stable binaries. Harbor is an an open source trusted cloud native registry project that stores, signs, and scans content. Harbor extends the open source Docker Distribution by adding the functionalities usually required by users such as security, identity and management. Having a registry closer to the build and run environment can improve the image transfer efficiency. Harbor supports replication of images between registries, and also offers advanced security features such as user management, access control and activity auditing.

Redmine - Project Management system in Ruby

  •    Ruby

Redmine is a flexible project management web application. Written using Ruby on Rails framework, it is cross-platform and cross-database.

amazon-cognito-identity-js

  •    Javascript

You can now use Amazon Cognito to easily add user sign-up and sign-in to your mobile and web apps. Your User Pool in Amazon Cognito is a fully managed user directory that can scale to hundreds of millions of users, so you don't have to worry about building, securing, and scaling a solution to handle user management and authentication.The Amazon Cognito Identity SDK for JavaScript allows JavaScript enabled applications to sign-up users, authenticate users, view, delete, and update user attributes within the Amazon Cognito Identity service. Other functionality includes password changes for authenticated users and initiating and completing forgot password flows for unauthenticated users.

Strelin CMS - A Joomla fork

  •    PHP

Strelin is a fork of the great Joomla! 1.5 content management system. Joomla! 1.5 is so widely used content management system. As Joomla! is moving towards 1.6 with big core changes, Strelin has been started for those who want new features but don't want to get into possible extra migration work.

api-gateway-secure-pet-store - Amazon API Gateway sample using Amazon Cognito credentials through AWS Lambda

  •    Objective-C

The Secure Pet Store sample is an application built in Java for AWS Lambda. It uses Amazon API Gateway to expose the Lambda function as HTTP endpoints and uses Identity and Access Management (IAM) and Amazon Cognito to retrieve temporary credentials for a user and authorize access to its APIs with.The application needs to be modified to reflect the resource names created above. After adapting the configuration you package the application and deploy it as an AWS Lambda function with the necessary execution role.