Ferriskey
discoverkubernetesmodules

Modules

FerrisKey is built as a collection of purpose-built modules. Each module owns a specific aspect of identity management and can be understood, configured, and extended independently.

Trident

Multi-Factor Authentication — TOTP, WebAuthn passkeys, magic links, and recovery codes.

SeaWatch

Audit & Security Events — Track and query every critical action across your realms.

Compass

Authentication Flow Engine — Orchestrate multi-step authentication with conditional logic.

Abyss

Identity Provider Federation — Connect Google, GitHub, Discord, and custom OIDC providers.

Aegis

Scopes & Protocol Mappers — Control exactly what data flows into your tokens.

Webhooks

Event-Driven Extensibility — Subscribe to lifecycle events and push notifications to external systems.

Module Architecture

Each module is implemented as either:

  • A domain module within core/src/domain/ — tightly integrated with the core domain
  • A standalone library crate in libs/ — reusable and independently testable

All modules follow FerrisKey’s hexagonal architecture: business logic is pure, dependencies are injected through ports (traits), and infrastructure concerns are handled at the boundary.