aerobase.io

What It Is

Aerobase is an open-source identity and access management platform based on Keycloak. Rather than simply replicating upstream Keycloak, it is positioned as a production-ready offering with commercial support, two-year LTS, CVE fixes, security backports, upgrade paths, and custom workflow development. It covers typical enterprise identity capabilities such as IAM, SSO, MFA, OAuth2/SAML/OIDC, LDAP, and Active Directory.

Core Capabilities and Integrations

In terms of protection scope, Aerobase mainly addresses authentication, access control, and protocol federation, rather than traditional network perimeter security. Its strength lies in the Keycloak ecosystem, making it naturally suitable for integration with internal enterprise applications, SaaS platforms, or in-house systems. The available materials explicitly mention support for LDAP, Active Directory, OAuth2, SAML, and OIDC, as well as authorization policy capabilities. For deployment, it offers Linux packages, a Docker Edition, and cloud test instances; however, it does not clearly disclose full SaaS hosting, private cloud, or high-availability architecture details.

Pricing and Support

Pricing is relatively transparent: the Open Source edition is free forever, requires no credit card, and includes core protocols and community packages, but only comes with community forum support. The Basic plan costs $690/month and is billed annually. It provides an SLA support portal, a 12-business-hour response time for production environments, a 2-business-day response time for pre-production, plus 1 hour of security consulting and meetings per month. Its “no per-user pricing” model offers better cost predictability for organizations with rapidly growing user bases.

Pros and Cons

The main advantage is that Aerobase is built on the mature Keycloak foundation while addressing enterprise concerns around lifecycle management, security patches, and controlled upgrades. The free edition lowers the barrier for evaluation, and the commercial support scope is fairly clear. Limitations are that the available information does not show details on compliance certifications, audit capabilities, built-in alerting, data residency, advanced enterprise plans, or localization support. The Basic plan’s response time is measured in business hours, so whether it is suitable for mission-critical workloads with strict SLA requirements still needs further assessment.

Who It’s For and Access from China

Aerobase is suitable for small to mid-sized and larger technical teams that already use or plan to use Keycloak but lack in-house IAM operations, security backporting, and upgrade governance capabilities. The available materials do not disclose access from China, payment methods, or local service availability, so these remain unknown. For deployment in mainland China, it is advisable to also evaluate direct connection stability, USD payments, support time zones, and alternatives such as Keycloak, Authentik, FusionAuth, Okta, and Microsoft Entra ID.