GitHunt
GR

gravitee-io/gravitee-access-management

Gravitee.io - Access Management - OpenSource IAM Solution

access-managementidentity-managementoauth2openid-connectscimsecurity-scan

Gravitee Dark Logo Gravitee Light Logo

Access Management

Secure your APIs with a robust, feature-rich Identity solution.


Build Status on CircleCI License Snyk Vulnerabilities for GitHub Repo
Gravitee.io Community Gravitee.io Documentation Official Twitter Handle

Table of contents

๐Ÿ” Overview

Gravitee.io AM aims to be a bridge between applications and identity providers to authenticate, authorize and getting information about user accounts.

๐Ÿš€ Features

  • Access security: Control and secure enterprise data with industry standard protocols such as OpenID Connect and OAuth 2.0 and JWT.
  • Single sign-on (SSO): Centralized and strong authentication for your customers using out-of-the-box or custom identity providers.
  • Multi-factor authentication (MFA): Enforce security and convenience by adding extra authentication factors.
  • Passwordless: Secure your apps and APIs with industry best-practice security using biometrics, tokens and further passwordless auth mechanisms.
  • Identity providers marketplace: Connect your application with your user resources such as LDAP, Database, Webservices, Azure AD, Social, ... .
  • Analytics dashboard: The out-of-the-box dashboards give you a 360-degree view of your applications and users. You can also use all metrics with external tools like Grafana or Kibana.
  • Plugins system: Specialize platform behavior to exactly fit your needs.

๐Ÿ”‘ Protocols

OpenID Connect Certification Logo Gravitee.io Access Management is OpenID Connect certified for the following profiles:
  • OpenID Provider: Basic OP, Implicit OP, Hybrid OP, Config OP, Dynamic OP
  • FAPI OpenID Provider: all profiles

Gravitee.io AM also supports the following protocols to help our customers to connect with 3rd party tools:

  • SAML 2.0: Security Assertion Markup Language 2.0
  • SCIM 2.0: System for Cross-domain Identity Management 2.0
  • CAS protocol: Central Authentication Service
  • Kerberos: Computer-network authentication protocol
  • JWT: JSON Web Tokens

๐Ÿ“š Documentation

You can find Gravitee.io Access Management's documentation here.

๐Ÿ‘ฅ Community

Got questions, suggestions or feedback? Why not join us on the Gravitee.io Community Forum.

๐Ÿ‘ Contributing

We welcome contributions! Please read the dedicated CONTRIBUTING guide for more info.

๐Ÿ“ License

Gravitee.io API Management is licensed under the Apache License, Version 2.0.

Languages

Java71.2%TypeScript22.0%HTML4.3%JavaScript0.9%Scala0.4%SCSS0.4%CSS0.3%Mustache0.2%Shell0.1%Makefile0.1%Go Template0.0%Dockerfile0.0%Batchfile0.0%FreeMarker0.0%Lua0.0%
Apache License 2.0
Created November 24, 2016
Updated March 10, 2026
gravitee-io/gravitee-access-management | GitHunt