README.in

## idstore

The `idstore` package provides an identity server for centralized
authentication.

## Features

* Simple, centralized identity storage and password checking. Passwords are
  securely stored using PBKDF2.
* Email-based password reset functionality with a minimalist web interface.
* Full API access for all operations: Separate user-facing and
  administrator-facing APIs are exposed on different ports and are accessed
  using an efficient binary protocol over HTTP.
* Full Java API for performing user and administrative operations.
* Strong separation between administrators and users.
* Fine-grained capability-based security model for administrative operations;
  Safely write external services that can perform administrative operations
  while maintaining the principle of least privilege.
* Command-line administrative shell.
* Complete audit log; every operation that changes the state of the system is
  logged in an append-only log.
* Fully instrumented with [OpenTelemetry](https://opentelemetry.io/).
* A small, easily auditable codebase with a heavy use of modularity for
  correctness.
* An extensive automated test suite with high coverage.
* Platform independence. No platform-dependent code is included in any form,
  and installations can largely be carried between platforms without changes.
* Extensive documentation including information on installation, a setup
  tutorial, a theory of operation, maintenance and monitoring information,
  information on security properties, and full API documentation.
* [OCI](https://opencontainers.org/)-ready: Ready to run as an immutable,
  stateless, read-only, unprivileged container for maximum security and
  reliability.
* [OSGi](https://www.osgi.org/)-ready.
* [JPMS](https://en.wikipedia.org/wiki/Java_Platform_Module_System)-ready.
* ISC license.

## Usage

See the [documentation](https://www.io7m.com/software/idstore).