3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-03 16:59:22 +02:00
Code Issues Projects Releases Packages Wiki Activity
pomerium/README.md
Bobby DeSimone 0a530fbea2
docs: update site ui 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
2019-08-03 22:28:18 -07:00

2.7 KiB
Raw Blame History

pomerium logo

pomerium chat Travis CI Go Report Card GoDoc LICENSE codecov Docker Pulls

Pomerium is an identity-aware proxy that enables secure access to internal applications. Pomerium provides a standardized interface to add access control to applications regardless of whether the application itself has authorization or authentication baked-in. Pomerium gateways both internal and external requests, and can be used in situations where you'd typically reach for a VPN.

Pomerium can be used to:

  • provide a single-sign-on gateway to internal applications.
  • enforce dynamic access policy based on context, identity, and device state.
  • aggregate access logs and telemetry data.
  • a VPN alternative.

Architecture

pomerium architecture diagram

Demo

To make this a bit more concrete, see the following:

  1. An unauthorized user authenticating with their corporate single-sign-on provider (in this case Google)
  2. The unauthorized user being blocked from a protected resource.
  3. The unauthorized user signing out from their session.
  4. An authorized user authenticating with their corporate single-sign-on provider.
  5. Pomerium delegating and grating access to the requested resource.
  6. The authorized user inspecting their user details including group membership.

Docs

For comprehensive docs, and tutorials see our documentation.