Fork me on GitHub


Traditionally delivered as six different products — SSO, adaptive authentication, strong authentication, federation, web services security and fine-grained entitlement enforcement — OpenAM now provides all this in a single, unified cross platform offering deployed as a .war file into a Java Servlet container such as Tomcat.


Originally based on Sun MicroSystem's OpenSSO, ForgeRock have been developing and commercially supporting OpenAM since 2010. This version was originally released to ForgeRock customers in March 2015, and is now being released as our Community Edition without the ForgeRock binary licensing restrictions. It is well tested an has managed millions of identities in its lifetime.

Standards Based

Cross Domain Single Sign On (CDSSO), SAML 2.0, OAuth 2.0 & OpenID Connect ensure that OpenAM integrates easily with legacy, custom and cloud applications without requiring any modifications. It's a developer-friendly, open-source control solution that allows you to own and protect your users digital identities.

Getting Started

Download the binary and then follow the great getting started guide on BackStage that walks you through these steps:

  • Preparing Your Hosts File
  • Installing Apache HTTP Server
  • Installing Apache Tomcat
  • Install OpenAM
  • Configuring a Policy in OpenAM
  • Creating a Web Policy Agent Profile
  • Installing an OpenAM Web Policy Agent


The documentation for OpenAM v11.0.3 is hosted on ForgeRock's BackStage servers. There you can find:

  • Getting Started With OpenAM
  • OpenAM 11.0.0 Javadoc
  • OpenAM Administration Guide
  • OpenAM Developer's Guide
  • OpenAM Installation Guide
  • OpenAM Reference
  • OpenAM Release Notes
  • OpenAM Upgrade Guide

Get the Code

The code is hosted on GitHub. Issues should be submitted against the GitHub issue tracker

Get Involved

Fork the GitHub repo and create a pull request. It's worth discussing larger proposed changes in an issue before starting out.