Open source software suite -
Soffid provides full Single Sign On experience and full identity governance features. All in an open source, efficient and powerful software product. Security and productivity is now affordable.
page-template-default,page,page-id-16,page-child,parent-pageid-14,ajax_fade,page_not_loaded,,qode_grid_1300,qode-child-theme-ver-1.0.0,qode-theme-ver-10.1.1,wpb-js-composer js-comp-ver-5.0.1,vc_responsive

Open source software suite


Software suite fully accessible,
free and open

Software designed from scratch to be a fully integrated identity governance solution

Soffid console: Single, simple and intuitive web interface as a single point of administration

Shared and privileged account management based on role based access control. Extra layer of security for privileged accounts where only 1 user may be used at a time and with fully audited usage

Identity federation available to the end user. Soffid Identity Provider using the SAML protocol takes care of managing the SAML, OpenID or Oauth bridges with the different external identity providers

Enterprise Single Sign On provided via a fully customisable login interface, auto-deployment of business applications within the start menu, integration with any web, windows or java application and available to manage shared and single user desktops

Fine tuning permissions based on organisation role, organisation unit or granted roles. Also XACML optional module available to define attribute based control policy

Web Single Sign On available for web applications. Full single sign on and single sign out experience for any web application with SSO sessions tracking built-in

Self service portal: Single, simple and intuitive web interface for the end user to manage their own profile, request passwords, access to applications and manage their own business processes

Directory synchronisation capabilities to keep all authoritative source always fully in sync

Role mining capabilities to optimise the number of roles or business profiles in the system

Separation of duties detaches application authorisation from user registration process

Business process management to manage both user and system tasks and designed to be fully integrated with Soffid access control

Software products


Soffid core:

A set of Spring services that contain the underlying identity management logic as well as the managed systems bindings. This core includes a Spring service access layer through standard EJBs.

Soffid repository:

Soffid supports a certain number of relational data base engines including MariaDB, MySQL, Oracle and SQL Server. The whole information regarding identities, user accounts, password and configuration is stored in this database.

Soffid sync servers:

These servers are in charge of provisioning users into managed systems, as well as gathering information about user accounts to be loaded into Soffid. In addition, it handles enterprise single sign on desktops, its authentication and session control.

Web console and self service:

A simple and fully intuitive web layer -Soffid Console- provides access to the core module of Soffid, allowing the administration to have full access to all functionlities remotely, accross all platforms and without the need of using any programming language.

At the same time, another web layer -SelfService- allows the end user to manage their account, all their applications and all their tasks in the context of the business workflows.

Soffid Architecture

Enterprise single sign on:

This module can be installed on user desktops with Ubuntu Linux or Microsoft Windows operating system. It allows desktop access control and it provides full single sign on experience accross web and desktop applications

Main modules


Soffid console

This the main module of Soffid. This is the first module that needs to be installed and it is the main coordinator of all the Soffid Identity Governance logics. The Soffid console is installed and it runs as a service both in Linux and Windows machines and it is accessed via a web portal.


Soffid Sync server

This module is in charge of the provisioning users into all managed systems as well as to gather the information from these systems that needs to be loaded into Soffid repositories. This module can be installed in the same server as the console or it can be installed on a different server as long as communication between both servers is available.


Enterprise Single Sign On

This module can be installed on user desktops with Ubuntu Linux or Microsoft Windows operating system. It allows desktop access control and it provides full single sign on experience accross web and desktop applications.




These modules are designed to allow the communication of the main modules of Soffid with particular domain controllers or specific managed systems. We have a connector to the most widely used systems. SAP connectors and Lotus Domino connectors are the only ones that are not available under the open source license. Their installation can be done directly through the web console via the simple upload of a file.

  • Available connectors

    • Windows connector (including Active Directory)
    • LDAP plugin
    • SCIM connector
    • SQL plugin
    • Zimbra connector
    • Google apps connector
    • Zarafa connector
    • CSV plugin
    • SAP connector
    • Lotus Domino connector


These modules are adding extra functionality to the main components of Soffid. Their installation can be done directly through the web console via the simple upload of a file. State of the art functionalities in the Identity Governance sector such as Role Minining or Recertification process are available through these Addons.

  • Available Addons

    • Federation
    • Role mining
    • Password recovery
    • Reporting
    • Recertification addon
    • Recertification process
    • Recertification group process
    • Recertification user process

Suported platforms


Soffid is supported in the most common Information Systems platforms. We are working constantly to add new platforms to our compatibility list. If you have some suggestion or request, please let us know. We are always happy to hear our audience.

  • Soffid system

    • Red Hat 6
    • Windows server 2003 – 2012
    • Ubuntu Server 12.04, 14.04
    • SQL Server 2008 – 2012
    • Oracle 9
    • Maria DB 5.5
    • MySQL 5.5

  • Enterprise Single Sign On

    • Windows XP 32 bits
    • Windows Vista 32 y 64 bits
    • Windows 7 32 y 64 bits
    • Windows 8 32 y 64 bits
    • Ubuntu 12.04
    • Ubuntu 14.04

  • Target Systems

    • Active Directory
    • Oracle Internet Directory
    • iPlanet Directory Server
    • Open LDAP
    • DS/389
    • Red Hat 5
    • Ubuntu 12.04
    • Windows Server 2000
    • AS/400
    • SAP R/3 *
    • Oracle eBusiness Suite *
    • PeopleSoft *
    • Lotus Domino
    • Postfix
    • MS Exchange
    • Informix
    • Postgresql
    • MariaDB / MySQL
    • Oracle
    • SQL Server

Source code and Documentation


Source Code:

Soffid is open source software, therefore its source code is free and fully available. Please feel free to browse all Soffid source code:


Soffid documentation:

Soffid is a live piece of software that gets constant improvements and upgrades. During this constant evolving process, Soffid’s documentation is also being improved and updated in our documentation repository. Click here to find install instructions, description of Soffid characteristics and software documentation.