Keystone is a fully containerized lightweight SCIM 2.0 API implementation.
Run the container with zero config to test it:
# Pull the image:
docker pull ghcr.io/keystone-scim/keystone:latest
# Run the container:
docker run -it \
-p 5001:5001 \
-e AUTHENTICATION_SECRET=supersecret \
ghcr.io/keystone-scim/keystone:latestRead the Keystone documentation to understand how you can configure Keystone with its different backends.
What's Keystone?
Keystone implements the SCIM 2.0 REST API. If you run your identity management operations with an identity manager that supports user provisioning (e.g., Azure AD, Okta, etc.), you can use Keystone to persist directory changes. Keystone v0.1.0 supports two persistence layers: PostgreSQL, MongoDB, Azure Cosmos DB, and MySQL.
Key features:
- A compliant SCIM 2.0 REST API implementation for Users and Groups.
- Stateless container - deploy it anywhere you want (e.g., Kubernetes) and bring your own storage.
- Pluggable store for users and groups. Current supported storage technologies:
- Azure Cosmos DB
- PostgreSQL (version 10 or higher)
- MongoDB (version 3.6 or higher)
- MySQL (version 5.7.8 or higher)
- Azure Key Vault bearer token retrieval.
- Extensible store: Can't use MongoDB, Cosmos DB, PostgreSQL, or MySQL? Open an issue and/or consider becoming a contributor by implementing your own data store.
Please see the Contribution Guide to get started.