Decorative site banner
Project icon

com.io7m.idstore

  • About
  • Releases
  • Manual
  • Sources
  • License
  • Issues
Maven Central Version Maven Snapshot Code Coverage

idstore

The idstore package provides an identity server for centralized authentication.

Features

  • Simple, centralized identity storage and password checking. Passwords are securely stored using PBKDF2.
  • Email-based password reset functionality with a minimalist web interface.
  • Full API access for all operations: Separate user-facing and administrator-facing APIs are exposed on different ports and are accessed using an efficient binary protocol over HTTP.
  • Full Java API for performing user and administrative operations.
  • Strong separation between administrators and users.
  • Fine-grained capability-based security model for administrative operations; Safely write external services that can perform administrative operations while maintaining the principle of least privilege.
  • Command-line administrative shell.
  • Complete audit log; every operation that changes the state of the system is logged in an append-only log.
  • Fully instrumented with OpenTelemetry.
  • A small, easily auditable codebase with a heavy use of modularity for correctness.
  • An extensive automated test suite with high coverage.
  • Platform independence. No platform-dependent code is included in any form, and installations can largely be carried between platforms without changes.
  • Extensive documentation including information on installation, a setup tutorial, a theory of operation, maintenance and monitoring information, information on security properties, and full API documentation.
  • OCI-ready: Ready to run as an immutable, stateless, read-only, unprivileged container for maximum security and reliability.
  • OSGi-ready.
  • JPMS-ready.
  • ISC license.

Usage

See the documentation.

Releases & Development Snapshots

Releases

You can subscribe to the atom feed to be notified of project releases.

The most recently released version of the package is 2.0.2.

2.0.2 Release (2024-11-08Z)

  • Upgrade Temurin and Alpine in OCI containers.
  • Fix an issue that was preventing maintenance from running. (Tickets: 243)

The compiled artifacts for the release (and all previous releases) are available on Maven Central.

Maven Modules

<dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.admin_client.api</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.admin_client</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.database.api</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.database.postgres</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.documentation</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.error_codes</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.grafana</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.main</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.model</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.oci</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.protocol.admin.cb</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.protocol.admin</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.protocol.api</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.protocol.user.cb</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.protocol.user</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.admin_v1</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.api</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.controller</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.http</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.security</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.service.branding</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.service.clock</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.service.configuration</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.service.health</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.service.mail</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.service.maintenance</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.service.ratelimit</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.service.reqlimit</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.service.sessions</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.service.telemetry.api</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.service.telemetry.otp</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.service.templating</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.service.tls</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.service.verdant</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.user_v1</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.user_view</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.server.vanilla</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.shell.admin</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.strings</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.tests.arbitraries</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.tests.extensions</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.tests</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.tls</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.user_client.api</artifactId> <version>2.0.2</version> </dependency><dependency> <group>com.io7m.idstore</group> <artifactId>com.io7m.idstore.user_client</artifactId> <version>2.0.2</version> </dependency>

Previous Releases

The changelogs for the most recent previous releases are as follows:

2.0.1 Release (2024-05-22Z)

  • Update com.github.davidmoten:subethasmtp:7.0.2 → 7.1.1.
  • The idstore worker role was not being used to connect to the database. (Tickets: 154)

2.0.0 Release (2024-05-11Z)

  • Update io.opentelemetry:opentelemetry-sdk-logs:1.36.0 → 1.37.0
  • Update io.opentelemetry:opentelemetry-bom:1.36.0 → 1.37.0
  • Update ch.qos.logback:logback-classic:1.5.3 → 1.5.4
  • Update ch.qos.logback:logback-core:1.5.3 → 1.5.4
  • Update commons-io:commons-io:2.16.0 → 2.16.1
  • Update com.io7m.jdeferthrow:com.io7m.jdeferthrow.core:1.2.0 → 1.3.0.
  • Update com.io7m.jaffirm:com.io7m.jaffirm.core:4.0.0 → 4.0.1.
  • Update org.jooq.version:3.19.7 → 3.19.8.
  • Update org.jetbrains.kotlin:kotlin-stdlib:1.9.23 → 1.9.24.
  • Update com.io7m.jxe:com.io7m.jxe.core:1.0.2 → 1.0.3.
  • Update com.io7m.jlexing:com.io7m.jlexing.core:3.1.0 → 3.2.0.
  • Update com.io7m.seltzer:com.io7m.seltzer.api:1.0.0 → 1.0.1.
  • Update net.bytebuddy.version:1.14.14 → 1.14.15.
  • Upgrade to hibiscus 1.0.0-beta0001. (Backwards incompatible)
  • Update ch.qos.logback.version:1.5.4 → 1.5.5.
  • Update org.slf4j.version:2.0.12 → 2.0.13.
  • Update org.codehaus.mojo:jaxb2-maven-plugin:3.1.0 → 3.2.0.
  • Update org.apache.commons:commons-text:1.11.0 → 1.12.0.
  • Update ch.qos.logback.version:1.5.5 → 1.5.6.
  • Update io.helidon:helidon-bom:4.0.7 → 4.0.8.
  • Update net.bytebuddy.version:1.14.13 → 1.14.14.
  • Update com.io7m.ervilla.version:1.0.0-beta0002 → 1.0.0.
  • Update com.io7m.quarrel.version:1.6.0 → 1.6.1.
  • Update com.io7m.jade.version:1.0.2 → 1.0.3.
  • Update com.io7m.anethum.version:1.1.0 → 1.1.1.
  • Update com.io7m.quixote:com.io7m.quixote.core:1.2.0 → 1.3.0.
  • Update com.io7m.verdant.version:1.0.0 → 1.0.1.
  • Update com.io7m.canonmill:com.io7m.canonmill.core:2.0.1 → 2.1.0.
  • Update com.io7m.jxtrand.version:2.0.0 → 2.1.0.
  • Update io.opentelemetry:opentelemetry-bom:1.37.0 → 1.38.0.
  • Update com.io7m.blackthorne.version:2.0.0 → 2.0.1.
  • Update io.opentelemetry:opentelemetry-sdk-logs:1.37.0 → 1.38.0.
  • Update org.mockito:mockito-core:5.11.0 → 5.12.0.
  • Update com.io7m.jmulticlose:com.io7m.jmulticlose.core:1.1.2 → 1.1.3.
  • Update com.io7m.repetoir:com.io7m.repetoir.core:1.0.0 → 1.0.1.
  • Update com.io7m.jbssio.version:2.0.0 → 2.1.0.

1.2.1 Release (2024-04-07Z)

  • Re-add missing mail service implementation.

1.2.0 Release (2024-04-07Z)

  • Update com.io7m.ervilla:com.io7m.ervilla 0.0.5 → 1.0.0-beta0001.
  • Update ch.qos.logback:logback-classic:1.4.14 → 1.5.3
  • Update ch.qos.logback:logback-core:1.4.14 → 1.5.3
  • Update org.slf4j:jul-to-slf4j:2.0.10 → 2.0.12
  • Update org.slf4j:slf4j-api:2.0.10 → 2.0.12
  • Update com.io7m.jmulticlose:com.io7m.jmulticlose.core:1.1.0 → 1.1.2
  • Update com.io7m.quarrel:com.io7m.quarrel.core:1.4.0 → 1.6.0
  • Update com.io7m.quarrel:com.io7m.quarrel.ext.logback:1.4.0 → 1.6.0
  • Update com.io7m.quarrel:com.io7m.quarrel.ext.xstructural:1.4.0 → 1.6.0
  • Update com.io7m.quixote:com.io7m.quixote.core:1.1.0 → 1.2.0
  • Update org.jooq:jooq:3.19.1 → 3.19.7
  • Update org.jooq:jooq-postgres-extensions:3.19.1 → 3.19.7
  • Update org.postgresql:postgresql:42.7.2 → 42.7.3
  • Update io.opentelemetry:opentelemetry-sdk-logs:1.33.0 → 1.36.0
  • Update org.jetbrains.kotlin:kotlin-stdlib:1.9.22 → 1.9.23
  • Update io.opentelemetry:opentelemetry-bom:1.33.0 → 1.36.0
  • Update io.helidon:helidon-bom:4.0.2 → 4.0.7
  • Update com.helger:ph-css:7.0.1 → 7.0.2
  • Update com.squareup.okio:okio-jvm:3.7.0 → 3.9.0
  • Update org.jline:jline:3.25.0 → 3.25.1
  • Update org.eclipse.angus:jakarta.mail:2.0.2 → 2.0.3
  • Update jakarta.activation:jakarta.activation-api:2.1.2 → 2.1.3
  • Update com.github.davidmoten:subethasmtp:6.0.7 → 7.0.2
  • Update io.helidon:helidon-bom:4.0.2 → 4.0.7

Development Snapshots

At the time of writing, the current unstable development version of the package is 3.0.0-SNAPSHOT.

Development snapshots may be available in the Central Portal Snapshots repository. Snapshots are published to this repository every time the project is built by the project's continuous integration system, but snapshots do expire after around ninety days and so may or may not be available depending on when a build of the package was last triggered.

Manual

User Manual

  • XHTML - One page per section
  • XHTML - Single page

Sources

This project uses Git to manage source code.

Repository: https://www.github.com/io7m-com/idstore

$ git clone --recursive https://www.github.com/io7m-com/idstore

Issues

This project uses GitHub Issues to track issues.

License

Copyright © 2023 Mark Raynsford <code@io7m.com> https://www.io7m.com Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies. THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

Last Updated 2025-08-09T12:39:30Z