Features include:

• Challenge-response for OTP
• YAML-based Keycloak and RADIUS config
• FreeRADIUS-style clients.conf for client secrets
  Optional Message-Authenticator
• Scope/group-to-RADIUS attribute mapping (with regexp support)
• Vendor-Specific Attributes (VSA): Return vendor-specific attributes (e.g. MikroTik, Cisco, Ubiquiti) in Access-Accept responses based on user roles, groups, or scopes
• Configurable OTP mode: Use standard challenge-response or style
• Configurable OTP challenge message via otp_challenge_message in config
• Asynchronous/multi-request support: Multiple RADIUS requests are handled concurrently for high performance

Professional Support for keyrad

keyrad is open-source software licensed under the Apache License 2.0 — free to use, inspect, and modify.
However, the Apache 2.0 license explicitly provides the software "as-is", without warranty of any kind.
For organizations that rely on keyrad in production environments, this matters.

sec73 GmbH offers professional support subscriptions that replace the no-warranty clause with a
contractual commitment — giving your team the confidence and legal certainty to deploy keyrad at scale.

What's included

Vendor Warranty & Operational Assurance

Our support agreement provides the warranty and liability coverage that the Apache 2.0 license does not.
You get a defined, contractual basis for production use — satisfying internal compliance requirements,
auditors, and management who need more than an open-source disclaimer.

Stable Release Subscriptions

Gain access to curated, tested software packages and Docker images for keyrad — released on a stable,
predictable cadence. Subscriber builds receive additional QA, security reviews, and extended maintenance
windows beyond what the public repository offers.

Integration Consulting

Every network is different. Our team provides hands-on consulting for integrating keyrad into your
existing infrastructure — whether you're connecting to FreeRADIUS, MikroTik, Cisco, Ubiquiti,
or enterprise SSO and IdP workflows built around Keycloak.

Prioritized Feature Requests

Subscribers can submit feature requests that are evaluated and scheduled with priority.
Your operational requirements directly influence the keyrad roadmap.

Service Level Agreements (SLA)

Defined response and resolution times — because "best effort" is not good enough in production.
SLA tiers are available to match your operational requirements, from business-hours support
to 24/7 critical incident coverage.

Get in touch

For pricing, scope, and custom SLA terms, contact us with the form below!