MaxKey
Dromara MaxKey 🗝️ SSO ,Leading-Edge IAM-IDaas(Identity and Access Management) Product , Under Apache-2.0 is free ,业界领先的IAM-IDaas身份管理和认证产品,遵循Apache-2.0开源免费,支持OAuth2.x、OpenID Connect、SAML2.0、CAS、JWT、SCIM等SSO标准协议,基于RBAC统一权限控制,实现用户生命周期管理,开源、安全、合规、自主可控。
Install / Use
/learn @dromara/MaxKeyREADME
Overview
Dromara <b>MaxKey</b> Single Sign-On System is <b>a leading-edge IAM/IDaaS (Identity and Access Management) Product</b>. Its name is a homophone of "Marx's key," symbolizing how it unlocks complex enterprise security needs like a master key while providing simple and efficient solutions. The product supports OAuth 2.x/OpenID Connect, SAML 2.0, JWT, CAS, SCIM and other standard protocols, and provides <b> Secure , Standard and Open </b> Identity Management (IDM), Access Management (AM), Single Sign-On (SSO), RBAC permission management and Resource Management.
MaxKey focuses on performance, security, and ease of use in enterprise scenarios, is widely used in industries such as healthcare, finance, government, and manufacturing.
MaxKey under <b>Apache License, Version 2.0 is free </b>. Open Source, Secure, Compliance, Independent and Controllable .
Official Website <a href="https://www.maxkey.top/" target="_blank"><b>https://www.maxkey.top/</b></a>
WeChat:
<img src="images/wechat.jpg?raw=true" width="200px" alt="官方微信"/>QQ : <b> 1054466084 </b>
email: <b> support@maxsso.net </b>
Online Demo <a href="https://maxkey.top/zh/about/demo.html" target="_blank"><b>Access Online Demo</b></a>
Issue guide <a href="https://gitee.com/dromara/MaxKey/issues?q=is%3Aclosed">Closed List</a> | <a href="https://gitee.com/dromara/MaxKey/issues/I65IEQ">New Issue</a>
Code Hosting <a href="https://github.com/dromara/MaxKey" target="_blank"><b>GitHub</b></a> | <a href="https://gitee.com/dromara/MaxKey" target="_blank"><b>Gitee</b></a> | <a href="https://gitcode.com/dromara/MaxKey/overview" target="_blank"><b>GitCode</b></a>
<b> Single Sign On </b>(<b> SSO </b >),Users only need to login to the authentication center once , access all the trusted application systems without logging in again.
Key Functions
- All application systems share one Identity authentication system
- All application systems can Identify and extract Ticket
Features
- Standard Protocols
| No. | Protocols | Support | | --------| :----- | :---- | | 1.1 | OAuth 2.x/OpenID Connect | HIGH | | 1.2 | SAML 2.0 | HIGH | | 1.3 | JWT | HIGH | | 1.4 | CAS | HIGH | | 1.5 | SCIM 2.0 | HIGH | | 1.6 | FormBased | MIDDLE| | 1.7 | TokenBased(Post/Cookie) | MIDDLE| | 1.8 | ExtendApi | LOW | | 1.9 | EXT | LOW |
- Authentication
| No. | SignIn Support | Support | | --------| :----- | :---- | | 2.1 | Captcha | letter / number / arithmetic | | 2.2 | Two Factor Authentication | SMS / TOPT/ Mail | | 2.3 | SMS | Tencent SMS / Alibaba SMS / NetEaseYunXin | | 2.4 | TOTP | Google/Microsoft Authenticator/FreeOTP/Support TOTP or HOTP | | 2.5 | Domain | Kerberos/SPNEGO/AD domain| | 2.6 | LDAP | OpenLDAP/ActiveDirectory/Standard LDAP Server | | 2.7 | Social Account | WeChat/QQ/ Weibo/DingTalk/Google/Facebook/other | | 2.8 | Scan QR Code | WorkWeiXin/DingTalk/FeiShu Scan QR Code | | 2.9 | No Password | WebAuthn FIDO2/passkey |
-
Standard Authentication Protocols for applications to integrate sso, secure mobile access, secure API, third-party authentication and Internet authentication.
-
Identity Lifecycle management, support SCIM 2 , and The out of the box connector realizes identity supply synchronization.
-
Simplify Microsoft Active Directory , standard LDAP server organization and account management, and reset password through password self-service.
-
The IDaas Multi-Tenancy authentication platform , supports the independent management of multiple enterprises under the group company or the data isolation of different departments under the enterprise, so as to reduce the operation and maintenance cost.
-
The platform independence and diversity of environment. It supports web, mobile phone, mobile devices, such as apple IOS, Android, etc., and covers the certification ability from B/S to mobile applications.
-
Configured password and access policies; Supports precise IP positioning in Ip2region or GeoLite2 geographic databases, powerful security auditing, full lifecycle audit of users, traceability audit of access behavior records, security compliance audit, and security risk warning.
-
Based on Java EE platform , microservice architecture, Use Spring, MySQL, Tomcat, Redis and other open source technologies, and has strong scalability.
-
Open Source, Secure, Compliance, Independent and Controllable .
Interface
MaxKey
Login UI <img src="images/maxkey_login.png?raw=true"/>
App List UI <img src="images/maxkey_index.png?raw=true"/>
MaxKey Management
Report UI <img src="images/maxkey_mgt_rpt.png?raw=true"/>
User Management UI <img src="images/maxkey_mgt_users.png?raw=true"/>
App Management UI <img src="images/maxkey_mgt_apps.png?raw=true"/>
Download
| Version | Date | Download URL | | -------- | :----- | :---- | | v 4.1.11 | 2026/02/02 | <a href="https://www.maxkey.top/zh/about/download.html" target="_blank">Download</a> |
Install
| OS | Manual | | -------- | :----- | | Windows | <a href="https://www.maxkey.top/zh/about/download.html" target="_blank">Document</a> | | Linux | <a href="https://www.maxkey.top/zh/about/download.html" target="_blank">Document</a> | | Docker | <a href="https://www.maxkey.top/zh/about/download.html" target="_blank">Document</a> | | 宝塔 <a target="_blank" href="https://www.bt.cn/u/AjsXmi"> <img src="https://img.shields.io/badge/BT-Install-20a53a" /></a> | <a href="https://www.maxkey.top/zh/about/download.html" target="_blank">Document</a> |
License
<a href="http://www.maxkey.top/zh/about/licenses.html" target="_blank">Apache License, Version 2.0</a>
中国信通院零信任实验室
<a href="https://mp.weixin.qq.com/s/2T9TCo3EP0o9bD8ArAjUkw" target="_blank">中国信通院零信任实验室</a>
零信任标准工作组
<a href="https://gitee.com/zero-trust/ZeroTrust" target="_blank">国内最权威的零信任产业组织</a>
Gitee最有价值开源项目GVP
<a href="http://maxkey.top/zh/about/welcome.html" target="_blank">Gitee-最有价值开源项目GVP</a>
Dromara社区
<a href="https://dromara.org/zh/" target="_blank">Dromara</a>致力于微服务云原生解决方案的组织。
-
开放 技术栈全面开源共建、 保持社区中立、兼容社区 兼容开源生态
-
愿景 让每一位开源爱好者,体会到开源的快乐
-
口号 为往圣继绝学,一个人或许能走的更快,但一群人会走的更远
知识星球
<img src="images/zsxq.png?raw=true"/>User Registration
<a href="https://github.com/dromara/MaxKey/issues/40" target="_blank"> Click to register </a> as MaxKey user and contribute to MaxKey!
以下为部分接入或测试中的用户
| No. | 单位 | | -------- | :----- | | 1 | 中国人民警察大学 | | 2 | 福耀科技大学 | | 3 | 兰州现代职业学院 | | 4 | 长春职业技术学院 | | 5 | 云南师范大学 | | 6 | 云南农业职业技术学院 | | 7 | 惠州卫生职业技术学院 | | 8 | 厦门软件职业技术学院 | | 9 | 宜昌市三峡中等专业学校 | | 10 | 上海图书馆 | | 11 | 重庆市北碚图书馆 | | 12 | 天津市劳动保障技师学院 | | 13 | 南京财经高等职业技术学校 | | 14 | 泸州市教育和体育局 | | 15 | 余姚市教育局 | | 16 | 河南地矿职业学院 | | 17 | 西昌医学高等专科学校 | | 18 | 福建卫生职业技术学院 | | 19 | 国家高端智能化家用电器创新中心 | | 20 | 华夏金融租赁有限公司 | | 21 | 国宝人寿保险股份有限公司 | | 22 | 国元证券 | | 23 | 紫金财产保险股份有限公司 | | 24 | 路特斯中国 | | 25 | 奇瑞汽车股份有限公司 | | 26 | 宇通客车股份有限公司 | | 27 | 国家能源局 | | 28 | 国务院港澳事务办公室 | | 29 | 百度智能云身份管理服务 | | 30 | 360公司 | | 31 | 三一华兴 | | 32 | 中国金融认证中心 | | 33 | 西藏阜康医院 | | 34 | 海阳市人民医院 | | 35 | 国家中小企业数字化转型促进中心 | | 36 | 联鹏应用软件(上海)有限公司 | | 37 | 上海万序健康科技有限公司 | | 38 | 上海中商网络股份有限公司 | | 39 | 上海半天妖餐饮管理有限公司 | | 40 | 上海杨国福企业管理(集团)有限公司 | | 41 | 上海契胜科技有限公司 | | 42 | 纯米科技(上海)股份有限公司 | | 43 | 中腾信金融信息服务(上海)有限公司 | | 44 | GAP盖璞(上海)商业有限公司 | | 45 | 汤臣倍健股份有限公司 | | 46 | 跳羚科技(厦门)有限公司 | | 47 | 飞天诚信科技股份有限公司 | | 48 | 浪潮工业互联网股份有限公司 | | 49 | 唐颐控股有限公司
