organizations-iam-app

Organizations and Users IAM

A centralized administration system for assigning and delegating organizational rights across service domains. Built on Keycloak with custom protocol mappers and a Spring Boot admin application.

• Release notes

Documentation

Architecture

• Organization and Function-Based Rights Model — The conceptual model: organizations, functions, users, rights, the org_rights claim, and org-scoped API tokens.

Integration

• IAM Integration Guide — How to build OIDC relying parties, OAuth clients, and resource servers that integrate with this system. Includes Spring Boot configuration and the iam-security library.

• IAM Security Library — Reference documentation for the iam-security-base and iam-security-spring-boot-starter modules.

Administration

• IAM Admin Application — Service API — REST API for the IAM admin app’s internal service endpoints.

• IAM Admin Themes — White-label theming system for the admin application.

• IAM Admin Application Configuration — Configuration reference for the IAM admin application.

Operations

• Keycloak Setup — Step-by-step Keycloak realm configuration, client registration, and automation scripts.

---

Copyright © 2026, Myndigheten för digital förvaltning - Swedish Agency for Digital Government (DIGG). Licensed under version 2.0 of the Apache License.

This site is open source. Improve this page.