HN Reader

Show HN: QuickTunes: Apple Music player for Mac with iPod vibes (furnacecreek.org)

70 points by albertru90 7h ago 18 comments

Show HN: Historical GPX Wind Visualizer (github.com)

2 points by pppone 1h ago 0 comments

Show HN: Cant, rust nn lib for learning (github.com)

2 points by TuckerBMorgan 2h ago 0 comments

Show HN: Explore GitHub via What Stargazers Also Starred (github.com)

2 points by fengkan 2h ago 0 comments

Show HN: Open-source "God mode killer" IGA in Keycloak (github.com)

2 points by SaltNHash 3h ago 3 comments

Show HN: The Aria Programming Language (github.com)

2 points by egranata_aria 4h ago 2 comments

Show HN: Convert from MIDI file to ASCII tablature (and more) (github.com)

2 points by ycombiredd 6h ago 0 comments

Show HN: Price Per Token – LLM API Pricing Data (pricepertoken.com)

322 points by alexellman 1d ago 125 comments

Show HN: Suhya – Omegle Alternative (suhya.com)

3 points by Codegres 6h ago 2 comments

Show HN: I built a biological network visualization tool (nodes.bio)

37 points by jmg421 1d ago 25 comments

Show HN: The Montana MiniComputer (mtmc.cs.montana.edu)

108 points by recursivedoubts 1d ago 22 comments

Show HN: Apple Health MCP Server (github.com)

196 points by _neil 3d ago 40 comments

Show HN: Nia – MCP server that gives more docs and repos to coding agents (trynia.ai)

78 points by jellyotsiro 2d ago 67 comments

Show HN: I made a web app for structured podcast summaries (wisdomsnap.com)

7 points by bardonadam 18h ago 0 comments

Show HN: Mcp-chromautomation – Chrome MCP that is not a puppeteer (github.com)

3 points by tunabr 12h ago 0 comments

Show HN: Tsbro – TypeScript for the browser, no build step (github.com)

38 points by stagas 5d ago 26 comments

Show HN: Open IT Maintenance Planner (maintenance-planner.vangemert.dev)

12 points by spmvg 3d ago 7 comments

Show HN: A macOS clock that stays visible when coding or binging in fullscreen (cornertime.app)

52 points by muvich3n 1d ago 37 comments

Show HN: Compass CNC – Open-source handheld CNC router (compassrouter.com)

174 points by camchaney 7d ago 46 comments

Show HN: The missing link of a bookstore's tech stack (bookhead.net)

94 points by greenie_beans 3d ago 26 comments

Show HN: TheProtector – Linux Bash script for the paranoid admin on a budget (github.com)

165 points by lotussmellsbad 3d ago 35 comments

Show HN: A word of the day that doesn't suck

82 points by jsomers 4d ago 33 comments

Show HN: Phind.design – Image editor & design tool powered by 4o / custom models (phind.design)

88 points by rushingcreek 4d ago 22 comments

Show HN: Tinder but it's only pictures of my wife and I can only swipe right (trytender.app)

1005 points by risquer 3d ago 261 comments

Show HN: The Magic of Code – book about the wonders and weirdness of computation (themagicofcode.com)

110 points by arbesman 4d ago 29 comments

Show HN: A code editor that integrates into the browser (tachicode.dev)

44 points by quintu5 2d ago 10 comments

Show HN: Easy Python Time Parsing (github.com)

21 points by felixnext 5d ago 2 comments

Show HN: Lotas – Cursor for RStudio (lotas.ai)

81 points by jorgeoguerra 5d ago 28 comments

Show HN: Play Flash Games on Mobile with Ruffle Virtual Keyboard (github.com)

3 points by ed253 1d ago 0 comments

Show HN: Self-updating MCP server for official pip, uv, poetry and conda docs (github.com)

30 points by keminghe 3d ago 18 comments

Show HN: Any-LLM – Lightweight router to access any LLM Provider (github.com)

123 points by AMeckes 4d ago 68 comments

Show HN: Sleep Blocker MCP to prevent your Mac sleep (github.com)

4 points by cuongnt3010 1d ago 0 comments

Show HN: WTFfmpeg – Natural Language to FFmpeg Translator (github.com)

87 points by ycombiredd 4d ago 67 comments

Show HN: Conductor, a Mac app that lets you run a bunch of Claude Codes at once (conductor.build)

228 points by Charlieholtz 9d ago 111 comments

Show HN: Open-source macOS CLI tool for aliasing and timing command line runs (github.com)

4 points by frankbyte 1d ago 2 comments

Show HN: StackSafe, Taming Recursion in Rust Without Stack Overflow (fast.github.io)

2 points by tison 1d ago 0 comments

Show HN: LogMerge – View multiple log files in a merged view (github.com)

3 points by faisalhackshah 1d ago 0 comments

Show HN: Local Email Client for AI Horseless Carriages (github.com)

14 points by shahahmed 2d ago 6 comments

Show HN: Pogocache – Fast caching software (github.com)

92 points by tidwall 5d ago 29 comments

Show HN: Fundatio – Free macOS App to Structure Project Folders (apps.apple.com)

3 points by masterpos 1d ago 0 comments

Show HN: Improving search ranking with chess Elo scores (zeroentropy.dev)

192 points by ghita_ 10d ago 65 comments

Show HN: BlackMagic-JS – Automatic dark mode framework that just works (github.com)

4 points by LucAngevare 1d ago 0 comments

Show HN: RcloneView – A GUI for Rclone to Manage and Sync Cloud Storage

13 points by newclone 3d ago 0 comments

Show HN: X11 desktop widget that shows location of your network peers on a map (github.com)

204 points by h2337 6d ago 86 comments

Show HN: ggc – A terminal-based Git CLI written in Go (github.com)

65 points by bmf-san 10d ago 61 comments

Show HN: Built an email marketing platform after paying $230/month (fertit.com)

44 points by rasadov 5d ago 35 comments

Show HN: Autark – A self-contained build system for C/C++ (autark.dev)

3 points by adamansky 1d ago 2 comments

Show HN: I built a CSV/XLSX editor that uses JavaScript to manipulate data (OSS) (fileglance.info)

3 points by crossing 1d ago 0 comments

Show HN: A rudimentary game engine to build four dimensional VR evironments (brainpaingames.com)

39 points by teemur 7d ago 2 comments

Show HN: Product as Code – YAML-based product management for AI coding workflows (productascode.org)

7 points by mantcz 2d ago 1 comments

Show HN: Open-source "God mode killer" IGA in Keycloak

2 SaltNHash 3 7/27/2025, 2:59:59 AM github.com ↗

Comments (3)

SaltNHash · 3h ago
Hi HN,

Keycloak is a popular open‑source Identity & Access Management (IAM) server, but like most IAMs it lets any admin make instant, irreversible changes. In regulated or high-security setups that "god mode" is a nightmare.

We built Keycloak-IGA, a fork that bakes a light weight approval workflow into the server, which must be cleared before high stakes changes can go live:

Features include: - Draft → Pending → Approved states for user, role, client & realm changes - Quorum engine (default "70%" of admins) - four-eyes control enforced by code - Zero overhead unless you switch it on - Emits audit events aligned with PCI-DSS, SOX, ISO 27001, HIPAA, NIST 800‑53

Try it in a few mins git clone https://github.com/tide-foundation/keycloak-IGA cd keycloak-IGA docker compose up # spins a demo realm with IGA extensions pre-wired

Walkthrough video(4min): https://www.youtube.com/watch?v=BrTBgFM7Lq0

Looking for feedback on: - Does the built‑in model beat the usual "proxy + ticket + webhook" approach? - Is 70% quorum sane? Would you prefer fixed reviewers, AD groups, etc.? - What's missing before you'd trust this in prod?

Background & design notes: https://github.com/keycloak/keycloak/discussions/41350

MIT licensed, so fork away, and tell us what you think.

Thanks!

josephcsible · 3h ago
Does this make it impossible to have a "break glass" account?
SaltNHash · 3h ago
Yes it does. It replaces it with a break glass quorum approved process.