Existing solutions lack flexibility and granular control, limiting adaptability to specific business needs. Ory Oathkeeper integrates with your infrastructure, giving you complete control over authentication workflows.
Full visibility. Full Control. Fully yours.
Ory Oathkeeper allows you to forward authorized requests and reject unauthorized ones. It can act as a reverse proxy or interface with your existing API Gateway.
Integrate everywhere
Ory Oathkeeper is an Open Source cloud native Identity & Access Proxy / API (IAP) and Access Control Decision API. It authenticates, authorizes, and mutates incoming HTTP(s) requests, and is written in Go. Implementation is straightforward on any system.
Zero Trust Architecture
Apply Zero Trust / BeyondCorp security in your tech stack. Ory Oathkeeper enables secure access for all users (e.g. employees, partners, customers).
Powered by Open Source
Ory Oathkeeoer is open source and evolves with every pull-request.
Ken Adler
Identity & Infosec
With Ory, I can build custom and secure ID infrastructure and APIs that fit perfectly into my client's ever-evolving cloud environments.
Ory Oathkeeper features at a glance
Identity and access proxy
Authorize HTTP requests to your server based on sets of access rules.
Carefree integration
Deploy alongside your existing API Gateways. Ory Oathkeeper plugs into Ambassador, Envoy, AWS API Gateway, Nginx and many more.
Enrich data
Accumulate data from multiple sources and parse it into custom headers: X-User-ID, JSON Web Tokens, and more.
Deploy Ory Oathkeeper on your preferred infrastructure
Deploy on any infrastructure and take full control over authentication and user workflows of your application.
id: allow-anonymous-with-id-token-mutator
upstream:
url: https://internal.service.local/resource/abc
match:
url: https://example.com/resource/abc
methods:
- GET
authenticators:
- handler: anonymous
authorizer:
handler: allow
mutators:
- handler: id_token
