Cloudentity increases development velocity by making authorization governance flexible and scalable.
Our platform externalizes policy management as a declarative authorization service:
- Automates application and API on-boarding, object discovery, and authorization context normalization.
- Empowers developers, and even non-developers, to create policy-as-code with fine-grained control.
- Removes the complexity to orchestrate provisioning and dynamic enforcement across an organization’s existing hybrid, multi-cloud and microservices environment.
- Delivers transaction-level control at hyperscale – processing millions of transaction requests per second with full auditability.
How the Platform Works
- Integrates with, and can aggregate, a broad range of popular Identity Management / IdP sources or organizations can use our optional Identity Control Plane solution.
- Integrates with a broad range of popular API Gateway platforms or organizations can use our optional API Gateway solution based on Pyron open source technology.
- Developers on-board apps and APIs into the identity, authorization ecosystem.
- Built-in Consent Governance Workflow manages self-service user and customer privacy consent processes to meet met personal identifiable information (PII) data security and management obligations.
- Services and APIs are discovered and classified to enable multi-source authorization context to be normalized and extended.
- Policy creation leverages a graphical editor to easily create fine-grained authorization policies that allow even non-developers to understand and build policies without coding or configuration expertise.
- Granular policy packs can then be standardized, centrally managed and readily provisioned within distributed applications and services.
- Authorization enforcement occurs at the transaction-level and at hyper-scale within hybrid, multi-cloud and microservices environments.
- High-performance processing of millions of transaction requests per second as close to each service component.
- Full data lineage in tamper-proof Privacy Ledger enables policy monitoring, reporting, auditing, and forensics.
MicroPerimeter™ encapsulates microservices allowing you a secure means of protecting your East/West traffic without compromising speed. Cloudentity’s MicroPerimeter™ Security provides service-to-service identity, API security and fine-grained authorization for the protected services by sitting as close to the service as possible.
Localized Policy Decision & Enforcement Point
No Code Changes Required
Cloud Identity Plane (Option)
Cloudentity enables Bring Your Own Identity (BYOID) features to integrate existing IDP and identity platforms. By decoupling authentication sources from application authorization, IdPs can be readily switched and/or aggregated to enable service delivery and flexibility. An optional Cloudentity Cloud Identity Plane solution creates frictionless user registration journeys, offers passwordless, multi-factor authentication (MFA), links disparate accounts, and provides user self-service all within a B2C or B2B2C administration structure.
Multi-Factor Authentication (MFA)
Self-Service Customer Portals
Adaptive Authentication Journey
Bring Your Own Identity (BYOID)
API Security Gateway (Option)
Cloudentity enables Bring Your Own API Gateway (BYOAG) features to integrate existing API Gateways in order to discover, classify and catalogue APIs and services across clouds and workloads, normalize authentication metadata, on-board news API and services, and dynamically enforce policy, at the transaction-level, closest to the service. An optional Cloudentity API Security Gateway is available via Pyron open-source application. The solution offers a lightweight, developer- and DevOps-friendly gateway with advanced authentication and authorization capabilities for new and legacy applications.