Open Source Mac Identity and Access Management (IAM) Software
Sort By:
Identity and Access Management (IAM) Software for Mac
View 48 business solutionsBrowse free open source Identity and Access Management (IAM) software and projects for Mac below. Use the toggles on the left to filter open source Identity and Access Management (IAM) software by OS, license, language, programming language, and project status.
-
Powerfully Simple Remote Monitoring and Management SoftwareIf you're looking to support your clients and manage IT more efficiently, turn to NinjaRMM. The world's first security centric remote monitoring and management (RMM) platform, NinjaRMM enables IT professionals to monitor and manage the entire IT stack with full automation all within a single pane of glass. The platform features search and connect through TeamViewer, antivirus integration, real-time alerts, managed patching, automation, software inventory, and reporting.
-
Software for managing apps and accounts | WebCatalogTurn websites into desktop apps with WebCatalog Desktop—your all-in-one tool to manage apps and accounts. Switch between multiple accounts, organize apps by workflow, and access a curated catalog of desktop apps for Mac and Windows.
-
1
hydra
Cloud native, security-first, API security for your infrastructure
Secure access to your applications and APIs, and authenticate third party users. Ory / Hydra is Open Source and OpenID Connect Certified® technology that integrates with any login system. Get started in minutes, and provide secure access to your application and API endpoints. Ory / Hydra works with any login system and only a few lines of code are required. Ory / Hydra is written in Go and we provide SDKs for every language. We work with any login system and it is easy to customize the login experience. Our documentation makes integrating Ory / Hydra a snap. The Ory Community stands on the shoulders of individuals, companies, and maintainers. We thank everyone involved, from submitting bug reports and feature requests, to contributing patches, to sponsoring our work. -
2
Pomerium
Pomerium is an identity and context-aware access proxy
Secure, context-aware access that just works. Access internal resources securely. Implement zero trust. Achieve compliance. All without the headache of a VPN. For teams that prefer a hosted solution while keeping data governance. For organizations that need advanced scaling, access control, and governance capabilities. IT and developers need a scalable access control solution to keep users productive, happy, and secure. Pomerium uses identity and context to ensure secure access to internal applications, servers, and infrastructure even from untrusted networks. Pomerium adds authentication and authorization to any application or server, giving IT Management a centralized panel for organization-wide control. Assert compliance in your current architecture without giving up control over data tenancy. Pomerium supports your infrastructure and can be deployed in all environments: cloud, hybrid, or on-prem. From AWS to Kubernetes and more, your internal and 3rd-party apps are covered. -
3
authentik
The authentication glue you need
authentik is an open-source Identity Provider that emphasizes flexibility and versatility. It can be seamlessly integrated into existing environments to support new protocols. authentik is also a great solution for implementing sign-up, recovery, and other similar features in your application, saving you the hassle of dealing with them. authentik is an open-source Identity Provider focused on flexibility and versatility. You can use authentik in an existing environment to add support for new protocols, implement sign-up/recovery/etc. in your application so you don't have to deal with it, and many other things. You can adopt authentik to your environment, regardless of your requirements. Need an Active-Directory integrated SSO Provider? Do you want to implement a custom enrollment process for your customers? Are you developing an application and don't want to deal with User verification and recovery? authentik can do all of that, and more. -
4
Ory Kratos
Next-gen identity server with Ory-hardened authentication
Headless and configurable authentication and user management, including MFA, social login, custom identities and more. Ory Kratos is a fully featured user management system built for the cloud. Control every aspect with a headless API. Ory Kratos comes with support for a wide range of 2FA protocols such as TOTP, FIDO2 & WebAuthn, works with any UI framework, and only a few lines of code are required to get it up and running. Configurable login and registration flows, multi-factor authentication, custom identity models, and bring your own UI. Ory Kratos is open-source and grows more powerful with every pull-request. Ory Kratos is written in Go and we provide SDKs for every language. Customizable login, registration, and profile management without complexity. Users create and sign in to accounts using username/email and password combinations, Social Login, passwordless flows, TOTP and more. -
Cycloid: Hybrid Cloud DevOps collaboration platformEnable your developers to do their best work and increase time-to-market speed with a leading DevOps and Hybrid Cloud platform.
-
5
ZITADEL
Identity infrastructure, simplified for you
Secure authentication management for your application. Customize as you grow, with easy APIs and programmable workflows. Focus on growing, your login is in good hands. Streamline your application development with our all-in-one identity suite. Designed for all user types, be it consumers, businesses, or employees. Offload complex tasks by using our API as solid abstractions. Benefit from an adaptable identity infrastructure with custom code extensions and robust security defaults. -
6
Keycloak
Identity and access management for modern applications and services
Add authentication to applications and secure services with minimum fuss. No need to deal with storing users or authenticating users. It's all available out of the box. You'll even get advanced features such as User Federation, Identity Brokering and Social Login. Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code. Users authenticate with Keycloak rather than individual applications. This means that your applications don't have to deal with login forms, authenticating users, and storing users. Once logged-in to Keycloak, users don't have to login again to access a different application. This also applied to logout. Keycloak provides single-sign out, which means users only have to logout once to be logged-out of all applications that use Keycloak. -
7
Authelia
The Single Sign-On Multi-Factor portal for web apps
Authelia is an open-source authentication and authorization server and portal fulfilling the identity and access management (IAM) role of information security in providing multi-factor authentication and single sign-on (SSO) for your applications via a web portal. It acts as a companion for common reverse proxies. With a compressed container size smaller than 20 megabytes and observed memory usage normally under 30 megabytes, it's one of the most lightweight solutions available. Written in Go and React, authorization policies and many other backend tasks are completed in mere milliseconds and login portal loading times of 100 milliseconds makes it one of the fastest solutions available. Processors can use a lot of electricity, but when idle usage is basically so low that you can't measure it, and active usage in a small business environment being under 1% you can rest easy (with the exclusion of password hashing). -
8
Infra
Infra provides authentication and access management to servers
Infra provides authentication and access management to servers and Kubernetes clusters. Infra generates short-lived credentials based on identity, replacing the need for passwords and other shared secrets. Infra brings authentication and access control to servers, clusters, and databases. All credentials are created dynamically after verifying a user or machine's identity. No more shared access. Unique credentials are created for each device, user or application. Credentials generated by Infra can be configured to expire after a short period of time. Authenticate from headless server environments, desktops, and automation tools. Credentials can be revoked at any time, cutting access in the event where a device is compromised. -
9
CloudFoundry UAA
CloudFoundry User Account and Authentication (UAA) Server
The UAA is a multi tenant identity management service, used in Cloud Foundry, but also available as a stand alone OAuth2 server. Its primary role is as an OAuth2 provider, issuing tokens for client applications to use when they act on behalf of Cloud Foundry users. It can also authenticate users with their Cloud Foundry credentials, and can act as an SSO service using those credentials (or others). It has endpoints for managing user accounts and for registering OAuth2 clients, as well as various other management functions. -
Intelligent Automation Solutions Built for Modern Finance TeamsDigitally transform your business with workflow automation and integrated payment solutions. Digitally store and secure your data with advanced search and accessibility features that keeps your documents at the tip of your team’s fingers.
-
10
Leapp
Leapp is the DevTool to access your cloud
Let Leapp manage your Cloud credentials locally. Improve your workflow with the only open-source desktop app and CLI you’ll ever need. Your all-in-one solution to assign IAM Cloud access across teams. Cloud credentials are available with a click. Data stored locally encrypted in your System Vault. Work with your Cloud Identities from a single place. Automatic temporary Cloud credentials generation and rotation. Pick your Cloud Provider to add a Leapp Session. Choose from supported access methods or leverage your federated identity with SAML 2.0 compliant identity providers. Automatically provision your sessions from AWS Single Sign-On via Leapp Integration. Start your Session, and Leapp will automatically generate secure short-lived credentials for you. All sensitive data are stored in your local System Vault and used only when needed to provide best-in-class security. -
11
AWS IAM Authenticator for Kubernetes
Tool to use AWS IAM credentials to authenticate to Kubernetes clusters
A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster. A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster. The initial work on this tool was driven by Heptio. The project receives contributions from multiple community engineers and is currently maintained by Heptio and Amazon EKS OSS Engineers. If you are an administrator running a Kubernetes cluster on AWS, you already need to manage AWS IAM credentials to provision and update the cluster. By using AWS IAM Authenticator for Kubernetes, you avoid having to manage a separate credential for Kubernetes access. AWS IAM also provides a number of nice properties such as an out-of-band audit trail (via CloudTrail) and 2FA/MFA enforcement. -
12
Authorizer
Your data, your control. Fully open source, authentication, etc.
Your data, your control. Fully open source, authentication and authorization. No lock-ins. Deployment in Railway in 120 seconds || Spin a docker image as a micro-service in your infra. Built in login page and Admin panel out of the box. Authorizer is an open-source authentication and authorization solution for your applications. Bring your database and have complete control over the user information. You can self-host authorizer instances and connect to any database (Currently supports 11+ databases including Postgres, MySQL, SQLite, SQLServer, YugaByte, MariaDB, PlanetScale, CassandraDB, ScyllaDB, MongoDB, ArangoDB). This guide helps you practice using Authorizer to evaluate it before you use it in a production environment. It includes instructions for installing the Authorizer server in local or standalone mode. -
13
Kanidm
Kanidm: A simple, secure, and fast identity management platform
Kanidm is a simple and secure identity management platform, allowing other applications and services to offload the challenge of authenticating and storing identities to Kanidm. The goal of this project is to be a complete identity provider, covering the broadest possible set of requirements and integrations. You should not need any other components (like Keycloak) when you use Kanidm - we already have everything you need. To achieve this we rely heavily on strict defaults, simple configuration, and self-healing components. This allows Kanidm to support small home labs, families, small businesses, and all the way to the largest enterprise needs. If you want to host your own authentication service, then Kanidm is for you. -
14
Shield
The easiest and most intuitive way to add access management
The easiest and most intuitive way to add access management to your Filament Admin Resources, Pages & Widgets is through Spatie/Laravel Permission. -
15
Doorkeeper
Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape
Doorkeeper is a gem (Rails engine) that makes it easy to introduce OAuth 2 provider functionality to your Ruby on Rails or Grape application. Doorkeeper is an oAuth2 provider built in Ruby. It integrates with Ruby on Rails and Grape frameworks. The installation process depends on the framework you're using. Doorkeeper follows Rails maintenance policy and supports only supported versions of the framework. Currently, we support Ruby on Rails 5 and higher. Extensions that are not included by default and can be installed separately. These applications show how Doorkeeper works and how to integrate with it. Start with the oAuth2 server and use the clients to connect with the server. See list of tutorials in order to learn how to use the gem or integrate it with other solutions/gems. -
16
kube2iam
Provides different AWS IAM roles for pods running on Kubernetes
Provide IAM credentials to containers running inside a Kubernetes cluster based on annotations. Traditionally in AWS, service level isolation is done using IAM roles. IAM roles are attributed through instance profiles and are accessible by services through the transparent usage by the aws-sdk of the ec2 metadata API. When using the aws-sdk, a call is made to the EC2 metadata API which provides temporary credentials that are then used to make calls to the AWS service. The problem is that in a multi-tenanted containers based world, multiple containers will be sharing the underlying nodes. Given containers will share the same underlying nodes, providing access to AWS resources via IAM roles would mean that one needs to create an IAM role which is a union of all IAM roles. This is not acceptable from a security perspective. -
17
Casdoor
An open-source Identity and Access Management (IAM)
A UI-first Identity Access Management (IAM) / Single-Sign-On (SSO) platform supporting OAuth 2.0, OIDC, SAML and CAS, integrated with Casbin RBAC and ABAC permission management. Within a few steps, we can setup a Casdoor app and realize our authorization management. Casdoor has a front-end back-end separation architecture, with maneuverable web UI and supporting high concurrency. Casdoor is supporting multi-languages, using i18n to support multi-languages UI. For more languages support, welcome to propose in our community. Casdoor SDK provides many functions, such as identity authentication, user management, resource upload, etc. Access to Casdoor is very convenient, please visit How to Connect to Casdoor for details. Casdoor also support sign up directly. By filling your Username, Display name, Password and Email, after your receive your Email code, you can sign up in Casdoor. -
18
MaxKey
MaxKey SSO ,Leading-Edge IAM-IDaas(Identity and Access Management)
Maxkey Single Sign On System, which means the Maximum key, Leading-Edge IAM/IDaas Identity and Access Management product, supports OAuth 2.x/OpenID Connect, SAML 2.0, JWT, CAS, SCIM, and other standard protocols, and provide Secure, Standard and Open Identity management (IDM), Access management (AM), Single Sign On (SSO), RBAC permission management and Resource management. MaxKey focuses on performance, security, and ease of use in enterprise scenarios, is widely used in industries such as healthcare, finance, government, and manufacturing. -
19
Paralus
All-in-one Kubernetes access manager
Paralus is an open-source, zero-trust access management solution for Kubernetes. It provides secure access to Kubernetes clusters without the need for VPNs, streamlining operations and enhancing security. Paralus can be easily integrated with your pre-existing RBAC configuration and your SSO providers, or Identity Providers (IdP) that support OIDC (OpenID Connect). Through just-in-time service account creation and fine-grained user credential management, Paralus provides teams with an adaptable system for guaranteeing secure access to resources when necessary, along with the ability to rapidly identify and respond to threats through dynamic permission revocation and real-time audit logs. -
20
ArkID
Enterprise IDaaS/IAM platform system
Rich plug-in, quickly builds an exclusive IDaaS/IAM platform. Easy integration into all your applications. Unified identity, certification, and authority management system. Extendable bottom application architecture based on Plug-in interpolation. You can flexibly and quickly add new functions to the main program without changing the main program. Achieve centralized and safe storage of corporate organizational structure and identity information of massive personnel. Establish a correspondence in multiple dimensions and securely integrate enterprise identity data sources. To achieve efficient and unified management of enterprise personnel, organizational structure, and application of information on a platform. -
21
kiam
Integrate AWS IAM with Kubernetes
kiam runs as an agent on each node in your Kubernetes cluster and allows cluster users to associate IAM roles with Pods. [a] role is similar to a user, in that it is an AWS identity with permission policies that determine what the identity can and cannot do in AWS. However, instead of being uniquely associated with one person, a role is intended to be assumed by anyone who needs it. Also, a role does not have any credentials (password or access keys) associated with it. Instead, if a user is assigned to a role, access keys are created dynamically and provided to the user. -
22
IAM
Enterprise-level Go language combat project
IAM is an identity and access management system developed based on the Go language, which is used to authorize resource access. The latest stable version is v1.6.2, it is recommended to install and test based on the stable version. Cooperating with the geek time column " Go language project development practice ", explaining how to use Go to develop enterprise-level applications is the theoretical course of the project, including the explanation of various knowledge points and construction ideas of the project, as well as my first-line research and development experience and advice. As a development scaffolding, developers can quickly build their own applications after cloning and secondary development. The IAM project will be maintained for a long time and updated regularly, welcome brothers Star & Contribute. -
23
WeIdentity is a set of distributed multi-center technical solutions that can carry the credible mapping of the actual identity and chain identity of the entity object (person or thing), as well as the realization of safe access authorization and data exchange between the entity objects. WeIdentity is independently developed and fully open source by the Microbank. It adheres to the concept of public alliance chains integrating resources, exchanging value, and serving the public. It is committed to becoming a distributed commercial infrastructure linking multiple vertical industry fields, promoting pan-industry, cross-institution, and cross-regional. Identity authentication and data cooperation. In the traditional way, user registration and identity management are completely dependent on the single center's registration agency; with the emergence of distributed ledger technology (such as blockchains), distributed multi-center identity registration, and identification.
-
24
AmazonMSK AWS Identity Access Management
Use AWS Identity and (IAM) to connect to Amazon Managed Streaming
The Amazon MSK Library for AWS Identity and Access Management enables developers to use AWS Identity and Access Management (IAM) to connect to their Amazon Managed Streaming for Apache Kafka (Amazon MSK) clusters. It allows JVM-based Apache Kafka clients to use AWS IAM for authentication and authorization against Amazon MSK clusters that have AWS IAM enabled as an authentication mechanism. This library provides a new Simple Authentication and Security Layer (SASL) mechanism called AWS_MSK_IAM. This new SASL mechanism can be used by Kafka clients to authenticate against Amazon MSK clusters using AWS IAM. After you've downloaded the code from GitHub, you can build it using Gradle. An uber jar containing the library and all its relocated dependencies except the kafka client and slf4j-api can also be built. At runtime, the uber jar expects to find the kafka client library and the sl4j-api library on the classpath. -
25
Authing
IDaaS/IAM solution that can Auth to web and mobile applications
Authing quickly implements authentication and user management for any Web, App, and enterprise software to provide the most complete login solution for your customers and employees. Authing serves as an identity infrastructure, or Identity As A Service (IDaaS) for cloud computing. Authing focuses on identity and building social infrastructure for identity sharing across all SaaS software and users to help companies build a secure modern IT infrastructure that not only protects their business but also redefines the user experience. Authing is the foundation for secure connections between a complex identity ecology and an application ecology in which countless identities access applications and resources in a borderless way. Authing taking "API first" as the product cornerstone, all commonly used functions in the identity field are modularized and all capabilities are provided to developers through the full scene programming language SDK.
