Pomerium
Clientless, secure connections to your applications without a VPN

Pomerium is a zero trust, identity-aware reverse proxy that enables secure, clientless access to internal applications and infrastructure. It integrates with existing OIDC-compliant identity providers and enforces continuous policy-based authorization on every request using cryptographically-signed JWTs. It is suited for remote teams, Kubernetes environments, and AI agent gateways requiring fine-grained access control and centralized auditing.
Pomerium acts as a Layer 7 reverse proxy that authenticates users via an OIDC identity provider, enforces YAML-based policies, and connects them to upstream applications using cryptographically-signed JWTs — all without requiring a client.
Engineering teams, DevOps engineers, and IT administrators managing secure access to internal applications
Background.
- Status
- launched
- Business model
- freemium
- Company
- Pomerium, Inc.
Similar projects.
Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.
Have a take on this space?
Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.