Enterprise SSO architecture, from day one.

Our platform handles critical workloads, so federated identity access control isn't an add-on — it's how your team accesses every node we manage, from the very first instance.

01

Identity Integration

Full SAML 2.0 and OIDC (OpenID Connect) compatibility with major enterprise identity providers, including Okta, Microsoft Entra ID (formerly Azure AD), Google Workspace, and Ping Identity.

02

Role-Based Access Control (RBAC)

Map your corporate directory security groups directly to specific virtual machine admin privileges — no manual permission mirroring, no drift between HR systems and infrastructure access.

03

Secure Console Access

Integration with OS Login on Google Cloud means your team signs into Linux nodes with centralized corporate SSO credentials instead of managing individual static SSH keys.

Supported identity providers
Okta
Microsoft Entra ID
Google Workspace
Ping Identity
Directory groupRBAC policyOS LoginVM shell access

No static keys distributed. Access is revoked centrally the moment a group membership changes — across every instance, every region.

Why it matters

One identity graph, every instance in sync.

Identity changes propagate across the fleet the same way a security event would — instantly, and without a manual key rotation.

IdP RBAC policy vm-node-01 vm-node-02 vm-node-03
Set up SSO for your fleet →