The Modern, Open Source, Self-Hosted, Scalable BeyondCorp Platform
A Modern, Open Source BeyondCorp Architecture
Replace your Business VPNs and Traditional Remote Access Tools with a Modern, FOSS, Self-Hosted, Unified BeyondCorp Zero Trust Architecture to Provide Secure Secret-less, Client-less Access for both Teams via their Browsers as well as for Workloads via Standard OAuth2 Authentication Flow
A Unified Architecture to Internal and SaaS Resources
A Unified Architecture to Provide Access to Private/Internal Resources behind NAT Scattered Across Multiple Clouds and Environments as well as Protected Public Resources such as SaaS HTTP, gRPC and Kubernetes APIs
Dynamic, L-7 Aware, Secret-less Access
Provide Dynamic Secret-less Access to any HTTP-based Resources without Sharing Upstream API Keys, Access Tokens and OAuth2 Credentials without Managing Keys and mTLS Certificates
Identity-based, L-7 Aware Access Control
Access Control at the Application-layer (L7) (e.g. HTTP paths and methods, Kubernetes namespaces and verbs, etc...) using Identity-aware Proxies (IAPs) via Context-aware Policy-as-Code via CEL and OPA
Unified, Scalable Access via OAuth2 for Workloads
Provide Unified Access to all your REST and gRPC APIs for your Workloads written in any Programming Language via Standard OAuth2 Client-Credentials Flow without having to use Special SDKs
Built for Scalability and Availability
A Scalable Platform Built on top of Kubernetes for Automatic Horizontal Scalability and Availability
Integrate your OIDC/SAML SSO Providers
Seamlessly integrate any OpenID Connect or SAML 2.0 SSO Provider as well as GitHub OAuth2.
Centralized, Declarative and Programmable Management
Designed to be Administered like Kubernetes via DevOps/GitOps-friendly Centralized and Declarative Way. The Cluster is furthermore fully Programmable over gRPC.
OpenTelemetry-Ready Visibility
OpenTelemetry-ready Layer-7 Aware, Real-Time Visibility and Auditing to Your Log Management and SIEM Providers
Octelium is Free and Open Source Software