Sigma Identity · Root of Trust
Financial-grade identity for the whole ecosystem
Sigma Identity is a hardened Keycloak under the FAPI 2.0 financial-grade profile. Every JWT in the ecosystem originates here: realm-per-tenant multi-tenancy, QR/TOTP zero-trust login, device binding, and one place to revoke access instantly.
sigma-identitylive
financial-grade profileFAPI 2.0
identity per human1
signed JWT everywhereRS256
FAPI 2.0
financial-grade profile
1
identity per human
RS256
signed JWT everywhere
Capabilities
Everything Sigma Identity does, done sovereignly.
Realm per tenant
Hard multi-tenant isolation — each client's identities live in their own realm.
Zero-trust login
QR + TOTP with device binding; the phone becomes the badge.
Instant revocation
Kill a lost device or a departed employee from one console, everywhere at once.
Machine tokens
Signed M2M service tokens secure every inter-service call.
Built on
KeycloakFAPI 2.0RS256 JWTPostgreSQL 16Device binding