DevOps is now DevSecOps

Free to get started. No credit card required.

Why build with Cloudentity?

Security should be an enabler, not a roadblock. Cloudentity allows you to include the latest security measures in your DevOps CI/CD flow to deliver a safe customer experience.

Speed to launch

Prebuilt and pretested microservices focused on protecting your app. Ready to include in your CI/CD flow.

Easy to use

Build the right service / API calls to be included in your code via an easy-to-use GUI or simple orchestration guides.

Completely secure

Augments the existing security architecture by building a micro-perimeter that assures authentication and API security at the microservice level.

What does Cloudentity do?

Through secure and RESTful interfaces, Cloudentity keeps your microservices and the applications that use them secure whether they run on-site, in the cloud, or in a hybrid environment.


Ensure that the right people, services, and things, have the right access, to the right resources, in the right ways, and that you can prove all those "rights" to the people that need to know.


Ensure that the microservice business logic executes properly, data accuracy is maintained, protected data remains protected, and that you can prove it to the people that need to know.


Have confidence that the data you exchange with other services and organizations via APIs remains secure.


Use behavioral machine learning to deliver continuous adaptive authentication, authorization and relationship management between users, services, and things.

Pre-built set of security microservices

The Cloudentity Security Mesh is architected as a comprehensive set of Identity Microservices™ focused on protecting cloud-native applications. Every service is prebuilt, pretested, and security reviewed.


Docker images wrapping a microservice with a security sidecar and proxy

MicroPerimeter™ Mesh

Kubernetes Integration: initializers, kubernetes-vault integration, pod-dedicated security sidecar and proxy

TrUST Engine™

Runs algorithms calculating risk based on incoming events including storage of calculated risk associated with user, session, IP, device

Token Exchange

Just in time token service that inserts the tokens needed for use with existing proprietary IAM systems

Authorization Service

Create effective policies combining validation of user attributes, risk, permissions, roles, location, devices

Data Layer

Provides mapping, translation and aggregation services while interacting directly with data stores, sessions stores and existing IAM systems


Brings SAML into the modern era making it horizontally scalable and highly configurable


Set of federation services that enables service provider or relying party functionality

OAuth & OIDC

Multi-tenant, federated SSO for OIDC & OAuth enabled applications exposing APIs as well as UI to handle OAuth flows


Authentication to Cloudentity with external SAML and OIDC/OAuth enabled IDPs supporting dynamic IDP discovery

User Management

Multi-tenant, management of users and their attributes with built-in mobile, password and email verification flows

User Registration

Self/Admin user registration and activation flows with password management and reset password flows

Device Management

Built-in device print analysis and recognition algorithms, device history with Cassandra store support to store an enormous number of devices

Device Registration

Generation of device salt returned to the user agent with configurable additional device attributes


Comprehensive application management through distinct application capabilities: OAuth Client - client id, secret, consumed resources selection

Delegated Admin

Decentralized management of access rights for roles

IDP Configuration

Externalized configuration service for the SAML ID that implements an external authentication module for SAML flows

User Self-Service

Self-registration, client-side password policy verification, email/mobile verification, device management, and more


Usage of MFAs in authorization policies providing a selection of predefined verifications and Device based adaptive authentication

API Gateway

APIs protection with powerful offline and online authorization/policy enforcement. Supports third party GWs via plugins

Service mesh sync

Microservices installed within the secured service mesh domain to synchronize local configuration with the centralized policy and API management

Service mesh config

Microservice exposing central, tenant specific configuration for the service mesh sync consumption

Stats & Reports

REST APIs to get statistics and reports. Captures information from logs before writing it to disk and sending it for analysis

Administration UI

UI based User, Application, Federation, Organization, Microservice, Policy, Permission, Role Management


Cloudentity provides industry leading flexibility with subscription pricing based not on the number of users but on the number of deployed services.

Cloudentity Small


Are you just getting started with cloud? Do you just need a quick boost in identity and security with social login, SSO or passwordless SSO, or multifactor authentication (MFA)?

Cloudentity Medium


Are you an established business, startup or a major enterprise? Do you need authentication for API or application?

Cloudentity Large


Do you need to support a complex mix of transactions, users and devices? Does your risk curve vary throughout the application? Do you need to scale quickly across a large customer base? Microservices allow quick and simple integration, updates, and deployment.


Recognizing that cloud-first security spans multiple domains, Cloudentity integrates with a wide variety of security and identity technologies and partners with major industry leaders.