Aerobase

An open-source Identity and Access Management (IAM) solution that acts as an identity provider (IDP) leveraging standard protocols to secure applications.

Multi-Cloud | Open Source | Self Hosted + Cloud Options
Category: Identity & Access Management
Last Commit: 1 year ago
This page updated a month ago
Pricing Details: Free and open-source with community support; enterprise options available.
Target Audience: Developers and organizations looking for a robust IAM solution.

Aerobase addresses the complex challenge of managing identity and access across diverse applications and services by providing a robust, open-source Identity and Access Management (IAM) solution. At its core, Aerobase acts as an identity provider (IDP) that leverages standard protocols such as OpenID Connect, OAuth 2.0, and SAML 2.0 to secure web and RESTful applications.

The technical architecture of Aerobase involves a separate server that manages authentication and authorization. Applications are configured to redirect users to the Aerobase server for authentication, where users enter their credentials. Aerobase then issues cryptographically signed identity tokens or assertions that contain user profile data and permission information, which are used by applications to make authorization decisions. This approach ensures that applications never see user credentials, enhancing security.

Operationally, Aerobase can integrate with existing LDAP and Active Directory systems, as well as delegate authentication to third-party identity providers like Facebook and Google+. It supports various deployment modes, including standalone, cluster, and hybrid configurations, which require setup of a shared database and load balancer for scalability. SSL configuration is also crucial, with options to require SSL for all requests, external requests, or none at all, depending on the environment.

Key considerations include the need for a production-ready external database, as the embedded PostgreSQL database is only suitable for out-of-the-box testing. Additionally, enabling HTTPS is essential for secure communication, requiring the setup of SSL certificates and configuration files. The system also supports fine-grained authorization policies based on role-based access control (RBAC), which can be customized to define access to web resources.

In terms of technical details, Aerobase uses JDBC to connect to relational databases, and it supports various JDBC drivers for different database types. The system can handle millions of users and is designed to be cloud-ready, supporting deployments on GCP, AWS, and Azure.
