Pomerium
Clientless, secure connections to your applications without a VPN

Pomerium is a zero trust, identity-aware reverse proxy that enables secure, clientless access to internal applications and infrastructure without requiring a VPN. It integrates with existing OIDC-compliant identity providers and enforces continuous policy via YAML-style policy-as-code, using cryptographically-signed JWTs for upstream access. The platform supports Kubernetes ingress, distributed team access, and AI agent authorization with centralized auditing.
Pomerium acts as a Layer 7 reverse proxy that authenticates users via an OIDC identity provider, enforces policy-as-code authorization on every request, and connects them to upstream applications using signed JWTs — all without requiring a client install.
Engineering and security teams managing secure access to internal applications and infrastructure
Background.
- Status
- launched
- Business model
- freemium
- Company
- Pomerium, Inc.
Similar projects.
Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.
Have a take on this space?
Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.