Skip to content

Zero-Trust Network

ORY Oathkeeper authorizes incoming HTTP requests. It can be the Policy Enforcement Point in your cloud architecture, i.e. a reverse proxy in front of your upstream API or web server that rejects unauthorized requests and forwards authorized ones to your server. If you want to use another API Gateway (Kong, Nginx, Envoy, AWS API Gateway, ...), Oathkeeper can also plug into that and act as its Policy Decision Point.

The implemented problem domain and scope is called Zero-Trust Network Architecture, BeyondCorp, and Identity And Access Proxy (IAP).

More information here

Back to top