A Multi-Tenant User and Identity Management Provider

Overview

Mmadu (pronounced um-a-du) is derived from an Igbo word meaning people.

Have you ever found yourself in a state of deja-vu when ever you write user management logic? Mmadu provides a set of tools that ensures that you never have to repeat user management logic. It helps to manage users, takes care of registration work flows and exposes APIs for authentication.

With Mmadu, you can have a dedicated system for managing users across all your applications. Mmadu is a set of tools and services that helps developers manage their application users. Applications are constantly being built on mobile, web and other devices and with these bring their own security challenges in authentication and authorization.

Different standards are being developed to handle user management, authorization and authentication like Oauth 2.0, Open ID and others. Mmadu aims to provide all the tools needed developers to implement these standards in their applications.

Vision

To help developers (of all walks of life) eliminate user-management coding in applications forever.

Release Notes

What’s new in 2.0.2?

  1. Token Revocation Endpoint (RFC 7009)

  2. Token Introspection Endpoint (RFC 7662)

  3. Authorization Profile with auto approve scopes.

  4. Multiple registration profiles for a domain.

  5. Implemented Transaction Management

  6. Updated Theme

What’s New in 2.0.1?

  1. Implemented Implicit and Password Grant Types

  2. Added username field to user token

  3. Updated Documentation

Current Features

  1. Multi-tenancy using Domains

  2. User Management

  3. Role and Authority Management

  4. Group Management

  5. Authentication

  6. Dynamic User Registration Forms

  7. Oauth 2.0

  8. Jwt Token Security

Project Road Map

We aim to provide an array of services and libraries to enable developers pick and choose to implement their desired management flows.

Below are some of the features in the pipeline:

  1. User Account flows: Forgot Password, Reset Password e.t.c

  2. Oauth 2.0 Implicit and Resource owner Password Credentials grant types (currently only Authorization Code, Client Credentials and Refresh Token are supported)

  3. Oauth 2.0 Proof Key for Code Exchange

  4. Oauth 2.0 Device Code Grant Type

  5. Oauth 2.0 Authorization Server Metadata

  6. Oauth 2.0 Dynamic Client Registration

  7. Oauth 2.0 Dynamic Client Registration Management

  8. Open ID Connect

  9. UMA 2.0

  10. …​ and many more as they come

Current Services

Mmmadu is made up of the following standalone services:

  1. Mmadu User Service - This handles domain, user, roles, authorities and management.

  2. Mmadu Registration Service - This handles registration and other user flows

  3. Mmadu Identity Service - An identity provider, for exposing Oauth 2.0 endpoints

Getting Started

Click here to get started

Contributing to Mmadu

If you want to contribute to eliminate user management coding forever, send a mail to Mmadu