Open-Source Security

FoxIDs is the free open-source Identity Services (IDS) build for the cloud.
Designed as a container with multi-tenant support.

Both an authentication platform and a security broker with support for login, OAuth 2.0, OpenID Connect 1.0 and SAML 2.0.

Deployed in your Azure private cloud or use a shared cloud container (like

Customize to suit your web design and use a subdomain of your choice. Multi-language support, contribute new language translations.

Designed to be unlimited. The number of tenants, tracks, users, up-parties and down-parties is unlimited. Infinite scale in Azure.

Why did I develop FoxIDs?

An identity service should include all necessary features to make secure applications and APIs and yet be affordable. The full feature set should be accessible as open-source. And the identity service should be built for the cloud and available on with close to full feature set in all plans at a low cost.

FoxIDs is created by ITfoxtec along with other open-source security components. You are welcome to make donations to support future development.

Private Cloud

You can deploy FoxIDs in your Azure private cloud and use FoxIDs for free (Apache License 2.0) to manage your entire security infrastructure.

You will probably only want to configure one tenant next to the master tenant with all environments; test, QA and prod configured as tracks inside the tenant.
Depending on the need you can also configure multiple tenants for separation.

If needed, you can request a support agreement with access to prioritized email support at [email protected].


Shared Cloud

Create a tenant on and then add tracks for your environments; test, QA and prod and other forms of separation.

Get started

Alternatively, you can deploy a new shared cloud instance of FoxIDs in Azure or partially as a private and shared cloud. Where you can give others access to use FoxIDs as a paid service.

A license agreement with a common clause for a shared cloud with a cost of 5% of the revenue is required. Feel free to get in touch on [email protected].

Using FoxIDs

JO Informatik FlexDanmark ENERGY COOL Septima Verdo Tangora

Cloud Plans on


€0 /month

  • Up to 3 tracks and thus 3 user directories
  • Up to 1,000 users
  • Up to 5,000 logins per month
  • Up to 5,000 token requests per month
  • Up to 5,000 Control API reads per month
  • Up to 1,000 Control API updates per month
  • Log retention 30 days


€10 /month

Scale unlimited:
  • €1 /track/month and thus a user directory
  • €1 /Key Vault managed certificate/month
  • €0.002 /user/month
  • €0.0004 /login/month
  • €0.0004 /token request/month
  • €0.0004 /Control API read/month
  • €0.002 /Control API update/month


€100 /month

  • Include Pro plan
  • Unlimited tracks and thus unlimited user directories
  • 99.9% SLA - Uptime Status
  • Prioritized email support
  • Log retention 180 days
Scale unlimited:
  • €1.5 /Key Vault managed certificate/month
  • €0.003 /user/month
    from 500k users €0.0022 /user/month
  • €0.0005 /login/month
    from 2,500k logins/month €0.00043 /login/month
  • €0.0005 /token request/month
    from 2,500k token requests/month €0.00043 /token request/month
  • €0.0005 /Control API read/month
  • €0.003 /Control API update/month

If you are in EU outside Denmark, please provide the VAT number to avoid VAT. There is no VAT if you are outside EU. In Denmark the VAT is 25%.

Included in all plans:

Use cases

A look at what's possible with FoxIDs

FoxIDs as one single Identity Provider

You can benefit from having FoxIDs as one single identity provider when building applications. Development becomes simpler and more secure by using the same identity provider and security standards across all applications. Single sign-on is easier to achieve and APIs can be called securely from all applications.

FoxIDs will then handle user authentication with username+password and optionally MFA or transfer user ID's from users authenticated in an external identity provider such as Azure AD, AD FS, IdentityServer, Google or Facebook or others.

The application can choose how the user should log in by setting a parameter.

Translate SAML 2.0 to OpenID Connect

You can use FoxIDs to translate from SAML 2.0 to OpenID Connect. Then FoxIDs handles the SAML 2.0 traffic to the Identity Provider (IdP) and your application connects to FoxIDs with OpenID Connect.

SAML 2.0 is an old standard with its shortcomings, and therefore it is often a better choice to use OpenID Connect in your application.

Translate NemLog-in to OpenID Connect

You can connect FoxIDs to NemLog-in without worrying about the complexity. FoxIDs handles everything related to the NemLog-in connection, and translate the complex OIOSAML3 / SAML 2.0 connection to a modern security standard like OpenID Connect.

Your application and possible API is then easy to connect using OpenID Connect, and the developer doesn't have to worry much about NemLog-in and all the requirements.