Introduction

TideCloak is a Keycloak-based IAM server integrated with Tide's Cybersecurity Fabric - a decentralized network that splits cryptographic authority so no single entity (not admins, not your cloud provider, not even us) can access keys, forge tokens, or bypass access controls - So, you can build fast, without worrying about security.

Setup, integration, architecture, and API reference.

Start building

Server + protected app in under 10 minutes

Spin up TideCloak in Docker, scaffold a Next.js app wired to it, and test auth with zero-knowledge identity - all from your terminal.

Quickstart guide →Launch Playground

# 1. Run TideCloak
$ docker run -d -p 8080:8080 \
   -e KC_BOOTSTRAP_ADMIN_USERNAME=admin \
   -e KC_BOOTSTRAP_ADMIN_PASSWORD=password \
   tideorg/tidecloak-dev:latest
# 2. Scaffold your app
$ npm init @tidecloak/nextjs@latest my-app
# 3. Launch
$ cd my-app && npm install && npm run dev

Understand the architecture

🧩

Core Concepts

BYOiD authentication, Quorum-Enforced Governance, tamper-proof authorization, and Immunity-Sealed E2EE.

🏗️

Architecture

How TideCloak, the Cybersecurity Fabric, and Ineffable Cryptography fit together - components, data flows, and ZK proofs.

🔐

Realm & Admin Setup

Deploy in dev mode, activate your license, create realms, register clients, assign the Quorum.

🔑

Identity Providers

Federation with external IdPs and advanced Tide identity provider configuration.

Integrate with your stack

React Next.js JavaScript C# / ASP.NET

Reference

📘Admin Guide ⚡API Reference 🔌Integrations ❓FAQ 📋Release Notes 💬Contact

New to Tide? Learn why TideCloak exists and how it differs from traditional IAM, or explore the full feature overview. Join the community on Discord and GitHub.