oathkeeper
A cloud native Identity & Access Proxy (IAP) and Access Control Decision API that authenticates, authorizes, and mutates HTTP requests.
What is oathkeeper?
Ory Oathkeeper is a cloud native Identity & Access Proxy (IAP) and Access Control Decision API that secures applications in Zero-Trust networks. It authenticates, authorizes, and mutates incoming HTTP(s) requests based on configurable rules, decoupling security logic from application code. Inspired by Google's BeyondCorp model, it helps organizations implement robust access controls without embedding them into their services.
Platform engineers, DevOps teams, and security architects building or managing cloud native applications who need to externalize authentication and authorization. It's ideal for organizations adopting Zero-Trust security models and requiring scalable, API-first access control.
Developers choose Ory Oathkeeper for its flexibility in deployment (proxy or sidecar mode), seamless integration with popular API gateways, and its ability to enforce complex access policies without code changes. Its cloud native design ensures it scales effortlessly in modern infrastructure.
Overview
A cloud native Identity & Access Proxy / API (IAP) and Access Control Decision API that authenticates, authorizes, and mutates incoming HTTP(s) requests. Inspired by the BeyondCorp / Zero Trust white paper. Written in Go.
Use Cases
Best For
Related Projects
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.
