What is FerrisKey?

FerrisKey is a modern, open-source Identity & Access Management (IAM) system built in Rust. It gives your applications authentication, authorization, and user management — without the complexity of legacy solutions.

What is IAM?

Identity & Access Management answers two questions for every request your system receives:

• Authentication — Who are you? Verifying identity through passwords, multi-factor authentication, passkeys, or federated providers.
• Authorization — What can you do? Determining which resources and actions an authenticated identity is permitted to access.

Beyond these fundamentals, a modern IAM system handles token issuance (JWT), single sign-on (SSO), session management, audit logging, and integration with external identity providers.

Why FerrisKey?

FerrisKey was built from scratch in Rust to address the shortcomings of existing IAM solutions:

• Performance & Safety — Rust’s memory safety guarantees and zero-cost abstractions deliver an IAM server that is fast, reliable, and free from entire classes of security vulnerabilities.
• Multi-Tenancy — Realms provide complete tenant isolation. Users, clients, roles, credentials, and configuration are fully scoped — one deployment serves many organizations.
• Modular Architecture — A hexagonal architecture with clearly separated domain modules. Enable only what you need.
• Open Source — MIT-licensed, community-driven, and designed for transparency.

Modules

FerrisKey is organized into purpose-built modules, each handling a specific aspect of identity management:

Next Steps