This document summarizes the key features of an open source identity and entitlement management server. It provides authentication using LDAP, AD, JDBC and single sign-on using SAML2, Kerberos, WS-Fed and passive protocols. It also supports provisioning using SCIM and SPML and role based access control using XACML policies. The server allows for federation between identity providers and service providers.