privacyIDEA is a modular authentication system. Originally for OTP authentication devices. But other “devices” like challenge response and SSH keys are coming up. It runs on Linux and is completely opensource, licensed under the AGPLv3.

Openness and Transparency

privacyIDEA tries to be open in many ways. We try to provide best transparency: We host our code on github, so that you can monitor the development. The issue tracker at github is used, so that you can see, which topic is hot, what is coming up in the future and actually add your own requests! New features are planned in the github wiki. We are using travis-ci.org to run our tests. You can see which tests pass and also which test fail! Yes, code breaks and tests fail.

privacyIDEA is not ruled by a single company (although at the moment only one company is involved). Thus when using privacyIDEA or getting involved you are not at the mercy of one single, revenue driven decision maker.

Technical

privacyIDEA can read users from many different sources like flat files, different LDAP services, SQL databases and SCIM services.

Authentication devices to provide two factor authentication can be assigned to those users, either by administrators or by the users themselves. Policies define what a user is allowed to do in the selfservice portal and what an administrator is allowed to do in the management interface.

The system is written in python, uses pylons as web framework and an SQL database as datastore. Thus it can be enrolled quite easily providing a lean installation.

See a detailed list of features.

Do you want colors and pixels? You can find them here.

In addition privacyIDEA supports users in SCIM servers, sending SMS the sipgate API, OTP authentication for administrators and users in the selfservice portal, a new SSH token and “machines and applications“.

Fork me on GitHub