A Modern IAM Built
for Distributed
Systems
FerrisKey is an open-source, cloud-native Identity & Access Management platform designed for Kubernetes, multi-tenancy, and modern security architectures.
Console Preview
Product Console Preview
Control realms, clients, tokens, policies and observability from a single operator-first console.
Client management
Identity providers
Webhooks
Client scopes & claims mapping
Organizations
Multi-tenant org hierarchy with isolated realms & billing
Organizations
Why FerrisKey
Identity infrastructure for cloud-native platforms, without legacy IAM complexity.
Identity & Access Management (IAM) is the backbone of any secure platform. It controls who can authenticate, what they are authorized to do, and how every access event is tracked across every service, team, and environment in your infrastructure.
Without a solid IAM foundation, teams end up with fragmented auth logic scattered across services, no unified audit trail, and security gaps that grow with every new product. FerrisKey addresses this with a unified, operator-first approach designed for distributed systems from day one.
Rust-native performance
Built in Rust from the ground up — not ported or wrapped. A ~10MB binary, sub-10ms auth latency, and a predictable memory footprint that holds under sustained load.
Deploy & manage your way
FerrisKey ships with first-class tooling for every ops workflow — from local testing to production GitOps pipelines. No custom scripting required.
Event-driven extensibility
Every identity event — login, token issuance, policy change, realm update — emits a structured event you can consume to trigger webhooks, sync to your data lake, or drive custom workflows without patching the core.
CNCF ecosystem integration
FerrisKey is designed to fit naturally into cloud-native stacks. Native integrations with the tools your platform team already runs — no adapters, no workarounds.
Modular Architecture
Modular by Design
Compose your IAM stack with focused modules aligned to enterprise security operations.
Trident
Use Trident to setup realms high-across auth flows events. Lightweight MFA, the policies and role-features.
SeaWatch
Use SeaWatch to audit actionable and monitorings technologies. Observe authentication and tracing management.
Abyss
Abyss makes Bridge 100% efficient system adapters allowing SAML, OIDC, LDAP, and federation flows straightforward.
Aegis
Full-fledged fine-grained authorization changes to distributed roles. Flexible policy config-first, attribute-based.
Compass
Trace every step of an authentication flow — session init, credential validation, token acquisition — and pinpoint exactly where and why it failed.
Supporting Partners
Backed by the best
Organizations and individuals who believe in open-source identity infrastructure.
Open to partners
Support FerrisKey
Logo placement, README visibility, Discord role and early feature access for your team.
Builders of FerrisKey
Core Team
Builders behind FerrisKey — systems, security and operations.
Open Source Community
Open Source Community
Code · Design · Triage · GitHub Stars · product feedback
Next Steps / Get Started
Ready to Build Secure Identity for Modern Platforms?
Start with FerrisKey today and ship a cloud-native IAM stack that scales with your infrastructure.