Agentic Access Management
A key opens the door forever. A latch opens once.
Cipherlatch is the broker between your AI agents and everything they can reach. Instead of a standing key, each agent presents a scoped, verifiable cipher for a single request — the latch opens for minutes, then closes. Keys stay in your custody; revoke any agent in one call.
The exposure
Every agent you deploy is an identity you can't see, scope, or shut off.
Agents authenticate with the credentials a human handed them: a long-lived API key, a service-account secret, an OAuth refresh token. Multiply that across every tool an agent touches and you've built an access surface no one owns and no audit can reconstruct.
Standing secrets, unbounded blast radius
A leaked agent key is valid until someone notices and rotates it by hand. Until then it carries every permission the agent was ever granted.
No least privilege
Agents inherit broad, static roles because scoping each call is impractical. One prompt-injected agent reaches everything the credential can.
Nothing to hand the auditor
Which agent used which credential, against which resource, when? Without a broker in the path, the answer is reconstructed from partial logs — or not at all.
The broker in the path
Put Cipherlatch between the agent and the resource. Nothing standing ever leaves.
Agents don't hold credentials — they ask Cipherlatch for access at the moment of use. The broker mints a short-lived, cryptographically bound token scoped to that request, records it, and can kill it instantly.
Agent requests access
The agent presents its own workload identity — no shared secret. Cipherlatch authenticates it against your IdP or a SPIFFE/OIDC federation trust.
Broker issues scoped, short-lived credentials
Policy decides what's allowed, then Cipherlatch mints a sender-constrained token bound to the caller and scoped to the resource. It expires in minutes.
Revoke and prove it
Kill a credential, an agent, or a tenant in one call — the blast radius closes immediately. Every issue, deny, and revoke lands in a tamper-evident log.
What you control
The governance surface a security review actually asks about.
Cipherlatch maps to the controls you already have to answer for — least privilege, key custody, provisioning, separation of duties, and evidence.
Instant revocation
Revoke a single credential, a whole agent, or an entire tenant in one call. No waiting on token expiry, no manual key rotation.
Key custody, on your terms
Per-tenant keyrings backed by cloud KMS or HSM. Keys are generated, wrapped, and rotated inside a boundary you own — agents never see them.
Federated workload identity
Trust agents by who they are, not by a shared secret. SPIFFE and OIDC federation let workloads across clusters and clouds authenticate directly.
Policy at the gateway
Every request passes an OPA or Cedar decision before a credential is minted. Rate limits and quotas cap what a compromised agent can do.
Lifecycle provisioning
SCIM 2.0 syncs agents and owners from your directory, with owner-suspension that cascades to every credential the owner controls.
Evidence, by default
Every issue, deny, and revoke is recorded with the caller, the scope, and the policy decision — configurable logging that satisfies the audit, not just the on-call.
Open core
Run the whole broker for free. Pay only to root your keys in your own hardware.
Cipherlatch is self-hosted — your keys never leave your boundary, and we're never in a position to hold them. The commercial line isn't a paywall around SSO or basic auth; it's the HSM and per-tenant KMS backends that let you keep custody in hardware you control, at enterprise grade.
Core
The full broker, self-hosted. No feature gates on the things every team needs.
- Short-lived credential issuance
- DPoP + private_key_jwt binding
- Instant revocation + audit log
- SPIFFE / OIDC federation, SCIM 2.0
- Gateway policy, rate limits + quotas
- Single sign-on — never a paid add-on
Enterprise
Root your keys in your own HSM and per-tenant KMS — custody-grade backends over the same core.
- HSM-backed custody, in your hardware
- Per-tenant cloud-KMS keystores
- Dynamic credential providers
- SSH-CA short-lived certificates
- FIPS-mode crypto + compliance evidence
- Priority support + SLA
No SSO tax. No audit-log tax. You pay to keep custody in your own hardware — never to hand it to us.
Agentic Access Management
Give every agent exactly the access it needs — for exactly as long as it needs it.
Deploy the open-source broker today, or talk to us about custody-grade key handling in hardware you control.