Skip to content

Whydah Key Features

| | Whydah is a light-weight, modular, open source Single Sign-on and Identity and Access Management (IdM, IAM) |

Key Unique Selling Points

  • Agile, flexible and extendible. aka. Developer friendly
  • Modern micro-service design (Since Whydah 1.0)*
  • Support web, apps and desktop applications, including session handover(s) (Since Whydah 1.3)
  • Easily integrated to project development and CI processes - IAM/SSO from day one (simpler than bake your own)... (Since Whydah 1.0)
  • High scalability and High Availability built-in (Since Whydah 2.0)
  • Application security model (Since Whydah 1.0)
  • User-session security elevation (Will be rewritten and completed in Whydah 2.2)
  • ApplicationManagement including security contraints, routing, (Since Whydah 2.1)
  • Configurable high-security levels on authentication and tokens (Will be completed in Whydah 2.2)
  • Real-time threat level coordination and responses (Will be completed in Whydah 2.3)

See Why choose Whydah? for more about what differentiates Whydah from other alternatives.

System features

Feature Details Ready for production
High Availability Designed to support a variety of HA configurations out of the box for free
High Scalability Designed with modern micro-services architecture, Whydah will support successful businesses with million of users actively using their services
Fallback to secondary identity provider Use cases vary, so expect to spend some time verifying the concrete setup required.
Threat level coordination The registered system threat level is distributed to all Whydah applications so they can take action accordingly
System threat mechanisms Under construction - planned for Whydah 2.3

User-level features

Feature Details Ready for production
User Single Sign-On
User authorization - Role-based access control - On-behalf-of relations
User Authentication Supported: - Whydah username and password - LDAP - AD - Facebook - NetIQ - ADFS (SSOLogin 2.1 or 2.2) - OAuth 2.0 Google/OpenID (SSOLogin 2.1) - MFA/2-factor auth (customer extensions, SSO 2.1)
User administration web application Whydah ship with it's own Admiistration client for ease of use
User self-service - User registration - Reset password
UserAdministration API Enhanced ApplicationModel in Whydah 2.1
Session (user and application) configurable timeout and renew support Renew in Whydah 2.1
Security levels in application sessions and user sessions Whydah 3.0 add super-secure levels

APPLICATION features

Feature Details Ready for production
Application Authentication UIB Data storage - persistence
Application Sessions To participate in Whydah, the application must use the authenticated session
Application Authorization Whydah have AccessControlList (ACL) on all invocations controlling which applications who can perform privileged operations ApplicationModel is extended in Whydah 2.1
Application Administration API UIB services (API) -> [UAS services API] Whydah 2.1
Application Administration WebApplication [UAS services API] UserAdminWebApp - UAWA will include extensive administrative operations on Application Management in 2.1 Extended in Whydah 2.1
Configurable Application session timeout(s)
Configurable Application session security algorithms Planned for Whydah 3,0