Automate Zero Trust authorization, privacy and governance
for modern applications

Build Secure Software Faster

Externalize granular API access authorization management and data privacy compliance.


  • Automate application and API on-boarding, object discovery, and authorization context normalization.
  • Empower developers, and even non-developers, to create policy-as-code with fine-grained control.
  • Gain continuous, compliant, and auditable access and data exchange safeguards.
  • Deliver transaction-level control at hyperscale – processing millions of transaction requests per second with full auditability.
  • See and govern where user data flows from identity providers to applications.

How the Platform Works

The Cloudentity Modern Application Authorization platform makes policy creation, provisioning and enforcement effective, extensible and scalable. Key software components are the Cloudentity Authorization Control Plane™ and Cloudentity MicroPerimeter™, as well as Identity and API Gateway integration options.
Integration Details
  • Integrates with, and can aggregate, a broad range of popular Identity Management / IdP sources, or organizations can use our optional Identity Control Plane solution.
  • Integrates with a broad range of popular API Gateway platforms, or organizations can use our optional API Gateway solution based on Pyron open source technology.
Platform Details
  • Developers on-board apps and APIs into the identity and authorization ecosystem.
  • Built-in Consent Governance Workflow manages self-service user and customer privacy consent processes to meet personally identifiable information (PII) data security and management obligations.
  • Services and APIs are discovered and classified to enable multi-source authorization context to be normalized and extended.
  • Policy creation leverages a graphical editor to easily create fine-grained authorization policies that allow even non-developers to understand and build policies without coding or configuration expertise.
  • Granular policy packs can then be standardized, centrally managed and readily provisioned within distributed applications and services.
  • Authorization enforcement occurs at the transaction-level and at hyper-scale within hybrid, multi-cloud and microservices environments.
  • High-performance processing of millions of transaction requests per second, as close as possible to each service component.
  • Full data lineage in tamper-proof Privacy Ledger enables policy monitoring, reporting, auditing, and forensics.

Cloudentity Authorization Control Plane™ (ACP)

The Authorization Control Plane provides centralized policy management, provisioning orchestration, monitoring, and logging, as well as user and app on-boarding, consent workflow, and service/API tracking. It automates fine-grained access and data exchange policy compliance with complete data lineage – ensuring dynamic, contextually-aware authorization happens at every service, API and transaction.

    API Discovery Catalog

    Fine-grained Authorization

    Privacy Ledger

    Developer Portal

    Data Classification

    Progressive Consent Management

Cloudentity MicroPerimeter™

MicroPerimeter™ encapsulates microservices, giving you a secure means of protecting your East/West traffic without compromising speed. Cloudentity’s MicroPerimeter™ Security provides service-to-service identity, API security and fine-grained authorization for the protected services by sitting as close to the service as possible.



    Service-to-Service Identity

    Fine-grained Authorization

    Localized Policy Decision & Enforcement Point


    API Security

    No Code Changes Required

Cloud Identity Plane (Option)

Cloudentity enables Bring Your Own Identity (BYOID) features to integrate existing IdP and identity platforms. By decoupling authentication sources from application authorization, IdPs can be readily switched and/or aggregated to enable service delivery and flexibility. An optional Cloudentity Cloud Identity Plane solution creates frictionless user registration journeys, offers passwordless, multi-factor authentication (MFA), links disparate accounts, and provides user self-service, all within a B2C or B2B2C administration structure.


    User Registration

    Multi-Factor Authentication (MFA)

    SSO Integration

    Self-Service Customer Portals

    Adaptive Authentication Journey

    Bring Your Own Identity (BYOID)

API Security Gateway (Option)

Cloudentity enables Bring Your Own API Gateway (BYOAG) features to integrate existing API Gateways in order to discover, classify and catalogue APIs and services across clouds and workloads, normalize authentication metadata, on-board new APIs and services, and dynamically enforce policy, at the transaction-level, closest to the service. An optional Cloudentity API Security Gateway is available via the Pyron open-source application. The solution offers a lightweight, developer- and DevOps-friendly gateway with advanced authentication and authorization capabilities for new and legacy applications.


    Microservice Integration

    Request / Response Transformation

    Policy Enforcement

    Firewall Integration