mirror of
https://github.com/pomerium/pomerium.git
synced 2025-05-14 17:47:54 +02:00
7e55f51738
* fix Transmission sorting in sidebar * rename VSCode Server for alphabetizing and clarity * Transmission BitTorrent Client Guide (#2281) * init transmission guide * Update docs/guides/transmission.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> * Update docs/guides/transmission.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> * Update docs/guides/transmission.md Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> * update installation source for mkcert (#2340) * Docs sorting (#2346) * fix Transmission sorting in sidebar * rename VSCode Server for alphabetizing and clarity * capitalize Pomerium * Update docs/guides/code-server.md Co-authored-by: Joe Previte <jjprevite@gmail.com> * fix naming and sorting for coder-server, add description Co-authored-by: Joe Previte <jjprevite@gmail.com> * Docs sorting (#2346) * fix Transmission sorting in sidebar * rename VSCode Server for alphabetizing and clarity * capitalize Pomerium * Update docs/guides/code-server.md Co-authored-by: Joe Previte <jjprevite@gmail.com> * fix naming and sorting for coder-server, add description Co-authored-by: Joe Previte <jjprevite@gmail.com> * fix code-server title Co-authored-by: bobby <1544881+desimone@users.noreply.github.com> Co-authored-by: Joe Previte <jjprevite@gmail.com> |
||
|---|---|---|
| .. | ||
| community | ||
| identity-providers | ||
| img | ||
| quick-start | ||
| topics | ||
| architecture.md | ||
| background.md | ||
| CHANGELOG.md | ||
| FAQ.md | ||
| installation.md | ||
| readme.md | ||
| upgrading.md | ||
| title | lang | sidebarDepth | meta | |||||
|---|---|---|---|---|---|---|---|---|
| What is Pomerium? | en-US | 0 |
|
What is Pomerium
Overview?
Pomerium is an identity-aware proxy that enables secure access to internal applications. Pomerium provides a standardized interface to add access control to applications regardless of whether the application itself has authorization or authentication baked-in. Pomerium gateways both internal and external requests, and can be used in situations where you'd typically reach for a VPN.
Pomerium can be used to:
- provide a single-sign-on gateway to internal applications.
- enforce dynamic access policy based on context, identity, and device state.
- aggregate access logs and telemetry data.
- perform delegated user authorization for service-based authorization systems:
- provide unified identity attestation for upstream services:
- provide a VPN alternative.
Demo
To make this a bit more concrete, click the image thumbnail to see a short youtube demo:
The above video shows the flow for both an unauthorized and authorized user.
- An unauthorized user authenticates with their corporate single-sign-on provider.
- The unauthorized user is blocked from a protected resource.
- The unauthorized user signs out from their session.
- An authorized user authenticates with their corporate single-sign-on provider.
- Pomerium delegating and granting access to the requested resource.
- The authorized user inspecting their user details including group membership.