Easy to get started

Integrate your app or make all your apps enterprise login enabled, it is super easy to get started with Whydah.

Get started


From an easy start to 40 000 logins per minute and above. Whydah can easily support millions of active user sessions.

Latest load test results


Many identity stores and external identity providers are supported. Web-applications, desktop applications and mobile phone apps.

Key features


Built to be secure with multi-layer authentication and separation of concerns to deflect common attack vectors.

Security info

About Whydah

Whydah is an Identity and Single Sign-On solution that provides advanced role-based access control and flexible integrations.

Security concept

Security in Whydah is built around authentication and authorization. Authentication means you can be sure the user is who he claims to be, and authorisation means the user has access to what he is supposed to have access to. The user information is stored using the User Identity Backend.


  • Single Sign-On
  • UserSession handover (web/native)
  • User authentication with LDAP, Facebook/OAuth 2.0, AD
  • Reset password & remember me, MFA pin support
  • User authorization with role data storage
  • User admin GUI and user admin API
  • High Availability & High Scalability leveraging modern microservice architecture
  • And more


Q: Infrastructure angle: Shouldn't IAM be bought as black-box solution?

A: IAM/SSO should be black-box purchases, but as commented above, today's black-box solutions keep failing in organizations by being to "different" or "difficult" for many development teams/projects. One of the reasons seems to be that developers gets confused by the massive XML-scaffolding in SAML2 tokens and the lack of development/test stand-alone deployments which easily integrate with the project CI infrastructure.

Q: Why not SAML2 tokens/OpenSSO/OpenAM?

A: OpenSSO has had it's issues in the transition from Sun Microsystems to ForgeRock, especially regarding setup and administration. This is better now, but the resistance from dev-teams to integrate with SAML2 tokens is still so high that many projects still implement their own auth and user databases. Whydah was made to remove these impediments so Companies get a working IAM/SSO strategy.

Q: Gartner EA policies (What's wrong with IBM Tivoli IAM Suite, NetIQ and similar?)

A: Those products are great and full of functionality. But, and there is a but. If we look at companies which have implemented them you will find that in most companies more than 50% of their in-house developed systems do not integrate with the IAM/SSO solution, rendering the investment not very valuable. The reasons are usually/probably a combination of the ones mentioned above. IAM/SSO and testability - how to test IAM solution and what can/should be automated?


Test Web App

Username: pit Password: Brad
Or try the Facebook-login.

Test Web App

User Admin Web App

Username: admin Password: admin.

User Admin Web App

The user database will be cleared every night, so feel free.

Download Whydah 2.5.22

Read the setup recommendations and the release notes on our Wiki.


User Identity Backend

UIB is the heart and soul of Whydah, keeping your identities secure.

Download UIB

UIB documentation


User Admin Service

UAS allow fine-grained UserAdmin control for 3trd party Applications.

Download UAS

UAS documentation


Security Token Service

STS handles the tokens containing roles and properties.

Download STS

STS documentation


SSO Login Web App

SSOLoginWebApp provides a configurable whitelabeled web SSO login interface.

Download SSO

SSO documentation


User Admin Web App

UAWA is the application for administrating your users.

Download UAWA

UAWA documentation


CRMService (Optional)

A simple standalone CRM service to bridge users with customerdata. Can be morphed to a CRM proxy to existing CRM installations

Download CRMService

CRMService documentation


Statistics Service (Optional)

A standalone service to record and visualize SSO/IAM usage across your whydah applications.

Download StatisticsService

StatisticsService documentation

Next steps

Browse release repositories


Support is provided as a professional service from Cantara.
Contact us at totto@cantara.no for further details.

Contribute to Whydah development?

If you want to contribute on Whydah, development, set up a development environment using the Whydah GitHub repositories and submitt pull-requests and/or join the #whydah channel on Cantara Slack.