Infrastructure That Explains Itself

Every change recorded. Every question answered. Every protocol supported.

Request Demo Read the Docs

Core Architecture

Event-sourced by design

Traditional directories store only current state. IdentityScribe stores every change as an immutable event.

Every modification becomes a permanent record
Reconstruct state at any timestamp
Replay events to build new views
Nothing deleted, nothing altered — ever

Learn about event sourcing

Event Log Append-only

09:14:22 CREATE user/jsmith created

09:22:45 MODIFY user/jsmith.email changed

09:35:11 ASSIGN user/jsmith → group/admins

09:41:03 MODIFY user/jsmith.title changed

now CREATE user/mlee created

Query Capabilities

Time-travel queries

Query any entry as it existed at any past moment. When auditors ask about historical state, the answer is one query away.

AS OF timestamp syntax in all protocols
Prove historical state for compliance
Compare changes between two points in time
No log reconstruction required

Explore time-travel queries

Mar 1 Mar 8 Mar 15 Mar 22 Today

Add

Modify

Move

Delete

Query AS OF '2024-03-15'

uid=jsmith State at Mar 15, 09:00

title Developer

dept Engineering

email jsmith@old.com Changed since

ou ou=developers Moved since

Access Methods

One system, five protocols

Access identity data through whichever protocol fits your application. Legacy apps, modern services, AI assistants — all supported.

LDAP: Full protocol support for existing apps
REST: JSON API for web services and automation
gRPC: High-performance binary protocol for services
GraphQL: Flexible queries, get exactly what you need
MCP: Query from Cursor, Claude, VS Code

See all channels

Scribe

LDAP ldapsearch -b "d...

REST GET /api/entries...

gRPC rpc GetEntry(...)

GraphQL query { entry(dn...

MCP "Find users in e...

Operations

Observability built in

Metrics, traces, and logs ship with the product. No agents to install, no configuration required.

Prometheus metrics for dashboards and alerting
OpenTelemetry traces for request debugging
Structured JSON logs for analysis
Works with Grafana, Datadog, your existing stack

Read the observability guide

Observability Live

INFO bind uid=admin success

INFO search dc=example 42 entries

WARN rate limit approaching

INFO modify uid=jsmith ok

Architecture

The complete data pipeline

From source directory to client application — see how data flows through IdentityScribe.

Ingest from Active Directory, OpenLDAP, or custom sources
Capture and transform with configurable schema mapping
Store in PostgreSQL as immutable events
Query through unified engine, serve via any protocol

Understand the architecture

The Data Pipeline From source system to client application

Ingest

Active Directory

OpenLDAP

User Database

Transform

Capture & Transform

Schema mapping

Attribute normalization

Store

PostgreSQL Event Store

Immutable events Full history

Query

Unified Query Engine

Optimized SQL

Output

LDAP Legacy apps

REST Web services

GraphQL Frontends

MCP AI assistants

Built for production

The details that matter when running identity infrastructure.

Open the production hardening guide

Fast startup

Native binary starts in milliseconds. Quick restarts, fast recovery.

Enterprise security

TLS encryption, bearer token auth, and rules-based access controls. Configure once for production-ready security.

PostgreSQL backend

Standard database with standard backup and recovery. High-availability configurations supported.

Full audit trails

Every change logged with who, what, when, and why. Export in standard formats.

AI-ready

MCP protocol lets AI assistants query identity data directly. Natural language search.

Schema flexible

Standard LDAP schema or custom attributes. Adapt to your data model.

See it in action

Walk through event-sourcing, time-travel queries, and multi-protocol access.