[Webinar] Ditch Static Credentials: Embrace WIF for Enhanced Security | Nov 6 at 11 a.m. PT | Register Now

Aembit Earns Prestigious Runner-Up Spot at RSA Innovation Sandbox Contest! Watch the Announcement

Trust and Credential Provider Integrations

Your applications and development processes depend on a vast collection of services to store, retrieve, and generate credentials.

Aembit provides robust support for growing numbers of trust and credential providers, ensuring easy adoption and centralizing the source of truth for all workload and non-human access.

Credential Providers

Your Credentials.
Your Rules.

Credential providers (CPs) are systems that provide various types of access credentials, like OAuth tokens, API keys, or username and password pairs. The Aembit Cloud itself can function as a CP, or Aembit can integrate with your preferred third-party security token services or secrets management services.

Aembit will automatically retrieve stored keys or credentials, or request access tokens on behalf of client workloads and injects them in the API call without having to change any code. These keys and credentials hidden from your developers and applications. They can never be leaked

Local
  • API Key
  • Username / Password
Remote
  • AWS Security Token Service (STS)
  • JSON Web Token (JWT)
  • OAuth 2.0

Trust Providers

Building a Secretless Future

Trust providers are third-party systems or services that provide a secretless method for Aembit to authenticate client workloads.

Trust providers can attest to, or affirm, workload identities and provide information about the environment in which they operate with high reliability and trustworthiness. These providers, when queried, can provide a cryptographically signed instance identity document that includes information about the underlying compute instance (e.g., EC2 instance) on which the workload runs. Aembit can then use an instance identity document, or service account token, to validate the instance’s attributes and use them to issue an appropriate access credential.

Trust providers may be either self-hosted or managed by cloud providers. Aembit supports the following TPs:

Ready to try Workload IAM?

Get started in minutes, with no sales calls required. Our free-forever tier is just a click away.