English | Chinese

An overview of the

MaxKey Single Sign On System, which means “the biggest key” in Chinese, is the industry-leading enterprise-level open source IAM identity management and identity authentication products, and the first brand of open source IAM in China. Support OAuth 2.0/OpenID Connect, SAML 2.0, JWT, CAS, SCIM and other standard protocols, providing simple, standard, secure and open user identity management (IDM), identity authentication (AM), single sign-on (SSO), RBAC authority management and resource management.

The official website of website | website

QQ communication group: 434469201

The following email: [email protected]

Managed code making | yards cloud (Gitee)

What is Single Sign On, or SSO for short?

Users only need to log in to the authentication authority once to access all the mutually trusted applications without needing to log in again.

Main functions:

1) All application systems share an identity authentication system

2) All application systems can identify and extract ticket information

Product features

  1. Standard certification protocol:
The serial number agreement support
1.1 The 2.0 / OpenID Connect high
1.2 SAML 2.0 high
1.3 JWT high
1.4 CAS high
1.5 FormBased In the
1.6 TokenBased(Post/Cookie) In the
1.7 ExtendApi low
1.8 EXT low
  1. Log on to support
The serial number Log on to way
2.1 Dynamic CAPTCHA alphabet/number/arithmetic
2.2 Two-factor authentication
2.3 SMS authentication Tencent cloud SMS/Ali cloud SMS/netease cloud letter
2.4 Log on to easy /Google/Microsoft Authenticator/FreeOTP/ Support TOTP or HOTP
2.5 The Kerberos/SPNEGO/AD domain
2.6 The OpenLDAP/ActiveDirectory/standard LDAP server
2.7 Social accounts WeChat /QQ/ Weibo/Dingding /Google/Facebook/ others
  1. Provide a standard authentication interface for other applications to integrate SSO, secure mobile access, secure API, third party authentication and Internet authentication.
  2. Provide user life cycle management, support SCIM 2 protocol, based on Apache Kafka agent, through the Connector (Connector) to achieve identity provisioning synchronization.
  3. Certification center is platform independent, environmental diversity, support Web, mobile phone, mobile devices, such as Apple iOS, Andriod, etc., the certification ability from B/S to mobile applications comprehensive coverage.
  4. A variety of certification mechanisms coexist, each application system can retain the original certification mechanism, at the same time integrate certification center certification; The application has a high degree of independence, does not depend on authentication center, and can use authentication center authentication, to achieve single sign-on.
  5. Based on Java platform development, using Spring, MySQL, Tomcat, Apache Kafka, Redis and other open source technologies, support micro services, strong scalability.
  6. Open source, security, independent control, Apache 2.0 License & MaxKey copyright notice.

interface

MaxKey certification

Login screen

 

The main interface

 

MaxKey management

Access the report

 

User management

 

Application management

 

download

Current version baidu net disk download, historical version

version The date of Download address Extract the code
V 2.7.0 GA 2021/04/15 A link to download hf73

Roadmap

1.MaxKey Cloud(MicroServices Edition) — 2021

2. Zero trust scenario integration

Release notes

MaxKey V 2.7.0GA 2021/04/15

*(Maxkey-210301) Join Dromara open source organization, optimize official website, optimize documentation *(Maxkey-210302) Bootjar, Docker, *(maxkey-210303) OpenLDAP, Active Directory password validation support *(maxkey-210304) Database access comment changed from @Service to @Repository *(maxkey-210305) cas logout optimization *(maxkey-210306) cas single-point logout and return data type adapter optimization *(maxkey-210307) cas return data class refactoring *(maxkey-210308) Constants *(MAXKEY-210309) cancel null pointer exception BUG *(MAXKEY-210310) OAUTH2 address optimization Uniform configuration constant class OAUTH2Constants *(maxkey-210311) OAuth2 Token authentication conversion BUG when invoked multiple times *(maxkey-210312) ExtendAPI standard optimization *(maxkey-210313) Added ExtendAPI adapter based on time signature Extended data configuration optimization *(MAXKEY-210316) LDAP and MS AD fixed attribute Constants *(MAXKEY-210317) SpringSecurity OAuth 2 Client Login Adapter *(Maxkey-210318) removed Desktop support, *(maxkey-210319) application.properties profiles *(maxkey-210320) remove maxkey.properties, configure integration into application.properties *(maxkey-210321) add adapter registration function, *(maxkey-210322) *(maxkey-210323) *(TimeBased OTP) *(maxkey-210324) XSS security function *(maxkey-210326) *(GitLab) *(maxkey-210327) *(maxkey-210328) JumpServer Single Sign-On Adapter *(Maxkey-210329) Huawei Cloud Single Sign-On Adapter *(Maxkey-210330) Jenkins Single Sign-On Adapter *(Maxkey-210331) Notification and Announcements *(maxkey-210333) SDK *(maxkey-210334) Depend on JAR references, updates, and updates for Log4J 2.14.1 Spring 5.3.6 Spring Boot 2.4.4 SpringSecurity 5.4.6 tomcat 9.0.44