Apache Syncope artifacts are distributed in source and binary form under the terms of the Apache License, Version 2.0. See the LICENSE and NOTICE files included in each artifact for additional license information.
Use the links below to download a distribution of Apache Syncope. It is good practice to verify the integrity of the distribution files.
Don't know which downloads best suit your needs?
Take a look at the quick summary from the Getting Started guide:
Release date: December 23rd 2015
|syncope-2.0.0-M1-source-release.zip||asc md5 sha1|
|syncope-standalone-2.0.0-M1-distribution.zip||asc md5 sha1|
|syncope-installer-2.0.0-M1.jar||asc md5 sha1|
|syncope-client-cli-2.0.0-M1.zip||asc md5 sha1|
|apache-syncope-2.0.0-M1.deb||asc md5 sha1|
|apache-syncope-console-2.0.0-M1.deb||asc md5 sha1|
|apache-syncope-enduser-2.0.0-M1.deb||asc md5 sha1|
Release date: January 15th, 2016
|syncope-1.2.7-source-release.zip||asc md5 sha1|
|syncope-standalone-1.2.7-distribution.zip||asc md5 sha1|
|syncope-installer-1.2.7.jar||asc md5 sha1|
|apache-syncope-1.2.7.deb||asc md5 sha1|
|apache-syncope-console-1.2.7.deb||asc md5 sha1|
All past releases can be fetched from ASF archives.
We strongly recommend you verify the integrity of the downloaded files with both PGP and MD5.
The PGP signatures can be verified using PGP or GPG. First download the KEYS as well as the *.asc signature file for the particular distribution. Make sure you get these files from the main distribution directory, rather than from a mirror. Then verify the signatures using one of the following sets of commands:
$ pgpk -a KEYS $ pgpv syncope-*.zip.asc
$ pgp -ka KEYS $ pgp syncope-*.zip.asc
$ gpg --import KEYS $ gpg --verify syncope-*.zip.asc
Alternatively, you can verify the MD5 signature on the files. A Unix/Linux program called md5 or md5sum is included in most distributions. It is also available as part of GNU Textutils. Windows users can get binary md5 programs from these (and likely other) places: