Transparent Authorization
Automatically grant access to intended service-to-service calls, and block anything else. Make secure access transparent for developers. Cloud-native, open source, with no new infrastructure and no maintenance.
clients-intents.yaml
is applied: the ecommevents
Kafka cluster is unprotected.orderservice
and checkoutservice
are accessing it... intentionally, or not?Get started with:
- Get started...
Access control with network policies
Stop maintaining a spaghetti of network policies. Bootstrap them from your existing traffic, and keep them automatically up to date.
- Get started...
Access control for kafka
mTLS access for your Kafka clients, and topic-level permissions, without worrying about certs or maintaining ACLs.
- Read more...
Intent-based access control
Make secure access effortless with a cloud-native, declarative approach – and end up with a zero-trust service-to-service network.
- Get started...
Access control with network policies
Stop maintaining a spaghetti of network policies. Bootstrap them from your existing traffic, and keep them automatically up to date.
- Get started...
Access control for kafka
mTLS access for your Kafka clients, and topic-level permissions, without worrying about certs or maintaining ACLs.
- Read more...
Intent-based access control
Make secure access effortless with a cloud-native, declarative approach – and end up with a zero-trust service-to-service network.

Transparent authorization in two steps: Declare, apply and you’re done.
Declare
Developers simply declare what they intend to call, in client intents files that live with their code.
No maintaining server permissions and access controls. No figuring out security mechanisms. No manual access requests.
You can even bootstrap intents files with the Otterize network mapper!
Declare
Developers simply declare what they intend to call, in client intents files that live with their code.
No maintaining server permissions and access controls. No figuring out security mechanisms. No manual access requests.
You can even bootstrap intents files with the Otterize network mapper!
Apply
Apply one or more client intents files into your Kubernetes cluster to “make it so”:
kubectl apply intents/my-service.yaml
Apply
Apply one or more client intents files into your Kubernetes cluster to “make it so”:
kubectl apply intents/my-service.yaml
Done
Only intended calls go through.
All authorization is now automatically configured.
Any credentials are generated or fetched, and distributed to local volumes.
Done
Only intended calls go through.
All authorization is now automatically configured.
Any credentials are generated or fetched, and distributed to local volumes.


Built for your engineering stack
