Identity management that actually works
Modern, lightweight IAM server. Full OAuth 2.0 + OIDC in a single binary. 30MB memory. Sub-second startup.
Everything you need. Nothing you don't.
Production-grade IAM features, built from the ground up.
🔐OAuth 2.0 + OIDC
Full RFC 6749 / OpenID Connect compliant. Authorization code + PKCE, client credentials, refresh tokens.
👥User Management
Registration, login, password reset, email verification. TOTP and WebAuthn MFA built in.
🏢Multi-Tenancy
Organizations and realms by default. Isolate users, clients, and config per tenant.
🖥️Admin Console
Beautiful admin dashboard built with htmx + Tailwind. Manage users, roles, clients, sessions, audit logs, and login themes from one place.
📜Audit Trail
Event-sourced audit log for every security-relevant action. Login, token issuance, permission changes.
🔑OAuth Clients
Register and manage OAuth clients with scopes, redirect URIs, and grant types. Public and confidential clients.
⏱️Session Management
PostgreSQL-backed sessions with token rotation. View and revoke active sessions per user.
⌨️CLI Tool
rampart-cli for server management, user provisioning, and development workflows.
📦Single Binary
One binary, zero external dependencies at runtime. UI embedded. Deploy anywhere in seconds.
🌐Social Login
Google, GitHub, and Apple sign-in out of the box. One-click configuration in the admin console.
🔗SAML 2.0
Service Provider and Identity Provider support for enterprise single sign-on.
🔔Webhooks
HMAC-signed event delivery for user lifecycle, login, and admin actions. Configurable per event type.
How Rampart stacks up
A fair comparison with the alternatives.
| Feature | Rampart | Keycloak | Ory Hydra | Zitadel | Authentik |
|---|---|---|---|---|---|
| Startup time | <1s | ~30s | ~2s | ~3s | ~15s |
| Memory usage | ~30MB | ~512MB+ | ~50MB | ~100MB | ~300MB |
| Single binary | Yes | No (JVM) | Yes | Yes | No (Python) |
| Admin UI | Built-in | Built-in | None | Built-in | Built-in |
| Login theming | 5 themes | FreeMarker | BYO | Limited | Limited |
| PKCE support | Yes | Yes | Yes | Yes | Yes |
| Multi-tenant | Native | Realms | No | Yes | Tenants |
| CLI tool | Yes | kcadm.sh | Yes | Yes | No |
| Database | PostgreSQL | Many DBs | PostgreSQL | CockroachDB | PostgreSQL |
| SDK adapters | 15 SDKs | Java-first | REST only | Go/gRPC | Python-first |
Works with your stack
First-class SDK adapters and integration guides.
GoGet Started with Rampart
Deploy in under a minute. One binary, simple configuration, production-ready.