mirror of https://github.com/pomerium/pomerium.git synced 2025-05-08 23:06:03 +02:00

History

Bobby DeSimone 351bf2fd53 cllarify release branches and timeline Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>		2019-08-05 13:37:20 -07:00
..
identity-providers	docs: update site ui	2019-08-03 22:28:18 -07:00
quick-start	docs: update site ui	2019-08-03 22:28:18 -07:00
reference	docs: update site ui	2019-08-03 22:28:18 -07:00
background.md	typo	2019-08-03 22:29:40 -07:00
CHANGELOG.md	docs: update site ui	2019-08-03 22:28:18 -07:00
readme.md	docs: update site ui	2019-08-03 22:28:18 -07:00
releases.md	cllarify release branches and timeline	2019-08-05 13:37:20 -07:00
upgrading.md	docs: update site ui	2019-08-03 22:28:18 -07:00

readme.md

title

lang

sidebarDepth

Overview

What is Pomerium?

Pomerium is an identity-aware proxy that enables secure access to internal applications. Pomerium provides a standardized interface to add access control to applications regardless of whether the application itself has authorization or authentication baked-in. Pomerium gateways both internal and external requests, and can be used in situations where you'd typically reach for a VPN.

Pomerium can be used to:

provide a single-sign-on gateway to internal applications.
enforce dynamic access policy based on context, identity, and device state.
aggregate access logs and telemetry data.
a VPN alternative.

Architecture

In action

To make this a bit more concrete, see the following short video which demonstrates:

An unauthorized user authenticating with their corporate single-sign-on provider (in this case Google)
The unauthorized user being blocked from a protected resource.
The unauthorized user signing out from their session.
An authorized user authenticating with their corporate single-sign-on provider.
Pomerium delegating and grating access to the requested resource.
The authorized user inspecting their user details including group membership.