idstore


com.io7m.idstore

| JVM | Platform | Status |
|-----|----------|--------|
| OpenJDK (Temurin) Current | Linux | Build (OpenJDK (Temurin) Current, Linux) |
| OpenJDK (Temurin) LTS | Linux | Build (OpenJDK (Temurin) LTS, Linux) |
| OpenJDK (Temurin) Current | Windows | Build (OpenJDK (Temurin) Current, Windows) |
| OpenJDK (Temurin) LTS | Windows | Build (OpenJDK (Temurin) LTS, Windows) |

idstore

The idstore package provides an identity server for centralized authentication.

Features

  • Simple, centralized identity storage and password checking. Passwords are securely stored using PBKDF2.
  • Email-based password reset functionality with a minimalist web interface.
  • Full API access for all operations: Separate user-facing and administrator-facing APIs are exposed on different ports and are accessed using an efficient binary protocol over HTTP.
  • Full Java API for performing user and administrative operations.
  • Strong separation between administrators and users.
  • Fine-grained capability-based security model for administrative operations. Safely write external services that can perform administrative operations while maintaining the principle of least privilege.
  • Command-line administrative shell.
  • Complete audit log; every operation that changes the state of the system is logged in an append-only log.
  • Fully instrumented with OpenTelemetry.
  • A small, easily auditable codebase with heavy use of modularity for correctness.
  • An extensive automated test suite with high coverage.
  • Platform independence. No platform-dependent code is included in any form, and installations can largely be carried between platforms without changes.
  • Extensive documentation including information on installation, a setup tutorial, a theory of operation, maintenance and monitoring information, information on security properties, and full API documentation.
  • OCI-ready: Ready to run as an immutable, stateless, read-only, unprivileged container for maximum security and reliability.
  • OSGi-ready.
  • JPMS-ready.
  • ISC license.

Usage

See the documentation.