3 Repos
Modules for integrating cloud-native authentication mechanisms with machine identities.
Distinguishing note: Focuses on cloud-specific auth provider integration, distinct from generic identity federation.
Explore 3 awesome GitHub repositories matching security & cryptography · Cloud Authentication Integrations. Refine with filters or upvote what's useful.
Infisical is a centralized secrets management platform designed to store, synchronize, and control access to sensitive credentials and configuration data across distributed development, staging, and production environments. It employs client-side encryption to ensure that secrets remain unreadable to the underlying storage infrastructure, while providing a hierarchical permission model to govern both user and machine access. The platform distinguishes itself through dynamic credential provisioning, which generates short-lived access tokens that are automatically revoked after use. It supports
Attaches cloud authentication settings to machine identities by defining trusted resource names and network ranges.
Dex is an OpenID Connect provider and identity federation proxy that translates authentication signals from various upstream sources into a unified OpenID Connect interface. It functions as a multi-protocol identity broker, enabling client applications to implement a single standard while delegating user verification to external identity providers. The project distinguishes itself through a pluggable connector architecture that bridges disparate protocols including LDAP, SAML, and OAuth2. It provides specific integrations for services such as GitHub, Google, GitLab, and Microsoft, while offer
Integrates with Bitbucket Cloud via OAuth2 to extract user emails, usernames, and team memberships.
This project is a public key infrastructure management system designed to automate the issuance, renewal, and revocation of X.509, TLS, and SSH certificates. It functions as a machine identity provider and certificate authority, enabling the establishment of private PKI to secure inter-service communication and remote access. The system distinguishes itself through hardware-bound identity attestation, which ties cryptographic keys to physical device silicon or TPMs to prevent credential exfiltration. It supports a wide array of identity verification mechanisms, including OIDC, cloud-provider
Verifies workload identity using cloud-provider instance documents to authorize certificate issuance.