Existing solutions lack flexibility and granular control, limiting adaptability to specific business needs. Ory Oathkeeper integrates with your infrastructure, giving you complete control over authentication workflows.
Ory Oathkeeper allows you to forward authorized requests and reject unauthorized ones. It can act as a reverse proxy or interface with your existing API Gateway.
Ory Oathkeeper is an Open Source cloud native Identity & Access Proxy / API (IAP) and Access Control Decision API. It authenticates, authorizes, and mutates incoming HTTP(s) requests, and is written in Go. Implementation is straightforward on any system.
Apply Zero Trust / BeyondCorp security in your tech stack. Ory Oathkeeper enables secure access for all users (e.g. employees, partners, customers).
Ory Oathkeeper offers deployment flexibility. With open source roots, Ory Oathkeeper has grown to offer different models to suit your business needs. Deploy open-source, opt for Ory Enterprise License with additional features and support, or use the fully managed Ory Network for a seamless SaaS experience.
Ken Adler
Identity & Infosec
With Ory, I can build custom and secure ID infrastructure and APIs that fit perfectly into my client's ever-evolving cloud environments.
Deploy on any infrastructure and take full control over authentication and user workflows of your application.
Authorize HTTP requests to your server based on sets of access rules.
Deploy alongside your existing API Gateways. Ory Oathkeeper plugs into Ambassador, Envoy, AWS API Gateway, Nginx and many more.
Accumulate data from multiple sources and parse it into custom headers: X-User-ID, JSON Web Tokens, and more.
Get started with the guides and docs below
id: allow-anonymous-with-id-token-mutator
upstream:
url: https://internal.service.local/resource/abc
match:
url: https://example.com/resource/abc
methods:
- GET
authenticators:
- handler: anonymous
authorizer:
handler: allow
mutators:
- handler: id_token