In 2009 a small team of developers[1], who are brothers, began work on the Open Access Manager project. From its onset, the push behind this project was to build a fully functioning access control system that is based on open standards and wholly open source. In particular, Role-Based Access Control (ANSI INCITS 359) was a focal point, although that adherence brought with it a need for expanded coverage into other areas like auditing and administration. After a couple of years of coding in their spare time, the project was unveiled at the 2011 LDAPCon in Heidelberg[2], and with it a new name - Fortress. At the same time, it was announced that the OpenLDAP foundation would sponsor the project and it would be released under a BSD-style variant of an Open Source Software license.
That first release, back in 2011, included just the fortress core and realm components, but development of the web interface (commander) and rest server (enmasse) was already underway. A few more years saw many more release s and the eventual completion of the others rounding out the entire product line into what's available today.
Eventually, it was understood that nights and weekends of a few developers aren't enough and so for the fortress concept to survive, it had to be carried into a large field. In 2014 the Fortress project moved from its Op enLDAP foundation home into the ASF as a subproject of the Apache Directory.
This new home proved worthy as help from the Apache Directory project, along with its community has brought many improvements.
Footnotes:
[1] Team roster in 2009: Kelly McKinney (engineering manager), Kevin McKinney (fortress web developer), and Shawn McKinney (fortress core developer).
[2] Presentation Open Source IAM using Fortress and OpenLDAP