Identity-Aware Authorization at Scale
Authorize API access, enable user consent and data sharing, add fine-grained access control.
Multi-Dimensional Authorization
Add multi-dimensional authorization to your B2B platform using financial-grade OAuth server, distributed API declarative authorization solutions, and Policy-Based Access Control.
Financial-Grade OAuth Authorization Server
Employ multi-tenant authorization server that complies with extended family of OAuth specifications.
Financial-Grade OAuth Server
Multi-tenant OAuth server for SaaS applications with elevated data security and data sharing requirements.
Authorization Server for B2B SaaS Apps
Employ multi-tenant authorization server that replaces a need of a farm of regular servers. Reduce costs, make your architecture simpler, maintain customer isolation.
Create as many authorization servers as you need.
Fine-Grained Authorization and Consent
Empower users to authorize individual transactions. Add fine-grained consent enabling customers to authorize third-party access to discrete resources.
Utilize rich authorization request to make scope of access granular.
FAPI Support, OAuth & OIDC
Extensive support of OAuth & OIDC Open Standards.
One of the most certified for OAuth's financial-grade profiles and a swift achiever of FAPI 2.0 Compliance.
- FAPI 2.0
- Rich Authorization Request
- Token Exchange
- DPoP
- and more...
Distributed API Declarative Authorization
Improve API security with Cloudentity clear-cut authorization and access control solutions.
Distributed API Authorization
Integrate an authorizer with your gateway for rich, locally enforced, and centrally managed distributed authorization.
- Kong
- Apigee
- AWS API Gateway
- and more...
Authentic Zero-Trust with Service Mesh
Fortify your zero-trust model by embedding API authorization into your Istio Service Mesh. Ensure secure API requests within your zero-trust network.
Streamlined API Discovery and Governance
Automatically unveil APIs across all connected gateways. Allocate authorization policies effortlessly and govern API authorization from token minting to endpoint policy enforcement.
Robust Protection for GraphQL APIs
Enhance GraphQL API protection.
Designate policies directly through Cloudentity or take a declarative stance by including the policies within your GraphQL schema files.
Streamlined Token Exchange with Authorizers
Cloudentity authorizers facilitate the conversion of incoming third-party access tokens to internal access tokens.
Employ OAuth Token Exchange Grant Type
Cloudentity authorizers cam interact with trusted IDPs (authorization servers) to exchange tokens, utilizing dedicated client credentials to engage with Cloudentity's OAuth token endpoint.
Configurable Token Handling with Istio Authorizer
Istio Authorizer offers the flexibility to choose the token (original or exchanged) passed to the API/service, or even pass both tokens by configuring the header settings, ensuring tailored token management.
Policy-Based Access Control
Transition authorization from application code to decisive authorization policies for enhanced security, easy modification, and thorough audit. Utilize localized policy decision and enforcement points for millisecond-level latency and automatic policy distribution.
Policy-Based Access Control
Cloudentity enables organizations to apply authorization policies at every application level.
Application Level
Control who can access your application. Enforce MFA, ID-proofing, or permissions.
Token Minting Level
Control which users/machines can get the security tokens. Block token minting for anomalous requests.
Scope Level
Control access to specific scopes. Require MFA for high-value transactions.
API Request Level
Assign policies to APIs for locally enforced, centralized authorization.
Policy Declaration
Enable dynamic access control decisions based on a myriad of attributes like user roles, current location, time of access, the resource being accessed, and much more.
Cloudentity Policies with Visual Editor
Cloudentity’s intuitive built-in visual editor makes policy formulation both flexible and user-friendly, but, at the same time, allows for advanced policy definition.
OPA's REGO Policy Support
Cloudentity contains an embedded REGO policy editor which also includes code samples to help you get started.