Cerberus IAM
Cerberus IAM
Platform

Everything you need for enterprise IAM

A complete identity and access management platform with multi-tenant support, fine-grained permissions, comprehensive audit trails, and a powerful admin console.

Read the docsTalk to us

Core capabilities

The building blocks of enterprise identity and access management.

Tenants & Organizations
Complete multi-tenant architecture with data isolation. Each organization operates independently with its own users, roles, and policies.
  • Hierarchical organization structures
  • Tenant-level configuration and branding
  • Cross-tenant user management (optional)
  • Subdomain or path-based tenant routing
User Management
Comprehensive user directory with flexible attributes, team membership, and lifecycle management.
  • Custom user attributes and metadata
  • Team and group membership
  • User provisioning and deprovisioning
  • Bulk operations and import/export
Roles & Permissions
Fine-grained RBAC with hierarchical permissions. Define exactly what each role can access.
  • Hierarchical role inheritance
  • Resource-level permissions
  • Permission wildcards and scopes
  • Dynamic permission evaluation
Authentication
Secure, standards-compliant authentication flows with session management and device controls.
  • Email/password with Argon2id hashing
  • OAuth 2.1 / OpenID Connect
  • Session management with refresh tokens
  • Multi-factor authentication (MFA)
Audit Logging
Comprehensive audit trail for compliance and security monitoring. Every action is tracked.
  • Authentication events
  • Permission and role changes
  • Administrative actions
  • Searchable and exportable logs
API Keys
Programmatic access for machine-to-machine authentication. Scoped permissions and automatic rotation.
  • Scoped API key permissions
  • Key rotation and expiration
  • Usage tracking and limits
  • Revocation and audit trails
Security

Security at every layer

Cerberus IAM is built with security as a first-class requirement. From password storage to API access, every component is designed to protect your users and data.

Security documentation
Argon2id Password Hashing
Industry-leading password hashing algorithm with memory-hard properties.
OAuth 2.1 with PKCE
Modern authorization flows with Proof Key for Code Exchange required by default.
Encrypted Secret Storage
All secrets encrypted at rest using AES-256-GCM with key rotation support.
Refresh Token Rotation
Automatic token rotation on each use with reuse detection and revocation.
Rate Limiting
Built-in rate limiting and brute-force protection for all endpoints.
Security Headers
Helmet.js security headers and CORS configuration out of the box.
Admin Console

Powerful administration interface

A modern web-based console for managing users, teams, roles, and monitoring your identity infrastructure.

User Management
Search, view, edit, and manage users across all tenants.
Team Administration
Create and manage teams with hierarchical membership.
Role Configuration
Define roles and permissions with visual policy editor.
Session Monitoring
View active sessions and revoke access in real-time.
API Key Management
Create, rotate, and revoke API keys for integrations.
Audit Log Browser
Search and filter audit logs with export capabilities.
Launch Console
Getting Started

Integrate in four steps

Get Cerberus IAM running in your platform with a straightforward integration process.

1

Create a tenant

Set up your first organization in Cerberus IAM. Configure branding and tenant-level settings.

2

Define roles & permissions

Create the role hierarchy for your application. Map permissions to features and resources.

3

Integrate authentication

Add Cerberus authentication to your app using OAuth 2.1 flows or our SDK libraries.

4

Enforce authorization

Use the Cerberus API to check permissions before allowing access to resources.

Developer quickstart

API & Integrations

Everything is accessible via REST APIs. Integrate Cerberus IAM with your existing infrastructure.

REST API
Comprehensive API for all operations
Webhooks
Real-time event notifications
OAuth 2.1
Standards-compliant authorization
SDKs
TypeScript, Python, Go libraries

Ready to get started?

Explore the documentation, try the console, or talk to our team about your requirements.

Read the docsTalk to us