/ Gate
••••••••••••••••••••

The identity service

Unify your backend identity, prevent breaches

Get started

Compatible with

AWS
Azure
Envoy
Istio
GCP
Kong
Kubernetes
nginx
Overview/Why Gate

Secure your identity logic and prevent breaches with Gate

Get rid of complex middleware code you can't really trust.

Gate is an identity service to manage your micro-services identity and data governance requirements.

plugins:
    - id: translator_up
      type: token-translation-upgrade
      enable_http_caching: true
      enabled: false
      parameters:
        <<: *slashid_config
        header_with_token: Authorization
        map_token_endpoint: http://backend:8000/map_token
urls: 
    - pattern: "*/api/admin"
      target: http://backend:8000
      plugins:
        translator_up:
          enabled: true
        validator:
          enabled: true
          parameters:
            token_schema: |
              patternProperties:
                user_roles:
                  contains:
                    const: admin
              required:
                - user_roles

yaml

25/25 ln

Get rid of risky, undifferentiated code

Remove the burden of implementing identity logic from your application developers and increase developer velocity by abstracting AuthN/AuthZ.

Easy interoperability and migrations

Gate can translate tokens across different identity stores and help with monolith to micro-services migrations.

Data and identity security

Simplify Infosec/compliance audits, enforce least-privilege access policies and detect PII and sensitive data.

Case studies/Proven approach

Top tier companies adopt a Gate-like approach

Use Cases/Engineering & Security

How can Gate help?

Gate works with existing API Gateway and service meshes (e.g.: Kong, Nginx, Envoy, AWS) and performs identity and governance related operations on incoming traffic.

Token management

Verify tokens, add custom claims to your identity tokens, translate tokens between different IdPs for migration and federation.

M2M authentication and authorization

Authenticate and authorize s2s or m2m interactions with OAuth 2.0 client credentials or mTLS.

Application access panel

Adopt Zero Trust. Add Identity-based access and WebAuthn MFA to internal applications.

Identity-based rate limiting, caching and audit logs

Implement distributed caching and rate limiting based on specific token claims.

Authentication and authorization at the edge

Delegate authentication and authorization to Gate and easily enforce ABAC/OPA/RBAC policies.

PII and identity threat detection

Detect token misuse and PII leaks with Gate's built-in detection engine.

Deploy Gate/Designed for developers

Deploy Gate with your favorite IaC tool through your CI/CD pipeline

We provide scripts to integrate with most API gateways, proxies and CDNs. Gate ships as a Docker image or a static binary to deploy in your environment.

Learn more

gate = {
  urls = [
    {
      pattern = "{{.gate.domain}}/id"
      target  = "{{.gate.authn.target}}"
      plugins = {
        request_validator = {
          enabled = false
        }
      }
      plugins = {
        request_validator = {
          enabled = false
        }
      }
    },
    {
      pattern = "{{.gate.domain}}/challenge"
      target  = "{{.gate.authn.target}}"
      plugins = {
        validator = {
          enabled = false
        }
      }
    },

tcl

27/27 ln