Identity-aware access proxy providing secure single sign-on (SSO) and zero-trust access to internal applications. Implements the BeyondCorp model of zero-trust security.
- Identity-aware proxy with SSO
- Zero-trust access control
- Context-aware authorization policies
- Multi-protocol support (HTTP, gRPC, TCP)
- Device identity and attestation
- Audit logging and session recording
- Integration with identity providers (Okta, Azure AD, Google, etc.)
- Mutual TLS (mTLS) support
- Zero-trust network access (ZTNA)
- Secure remote access to internal apps
- Identity-aware load balancing
- Replacing VPN with identity-based access
- Compliance and audit requirements
- Go (Golang)
- Envoy proxy (data plane)
- gRPC (internal communication)
- Active development by Pomerium Inc.
- Zero-trust access proxy
- Official Docker image:
pomerium/pomerium
- Suitable for modern zero-trust architectures
¶ History and References
Any questions?
Feel free to contact us. Find all contact information on our contact page.