Skip to content

Cloud-native Authorization Service

Highly flexible authentication and authorization service with fine grained controls, compatible with ExtAuth protocol and Stripe.

Why does the world need SternGuard?

We started building backends with microservices in 2018. Instantly we felt that exposing too many services to the internet created both confusion for the frontend developers and increased the attack surface area. We decided to use the Ambassador API Gateway (now called Emissary Ingress).

However, we needed an auth service which could talk to the ExtAuth protocol of the Envoy proxy. That is when SternGuard was born.

Over the years, we have developed SternGuard into a comprehensive authentication and authorization service. It can be modelled for various authorization schemes such as RBAC, OBAC, ABAC, and ReBAC. 

SternGuard can also act as an OAuth2 server, manage API keys, and can be integrated with a variety of authentication providers. SternGuard makes it easy to start building new products very quickly.

Here are the features which make SternGuard really awesome.

API Gateway Integration

SternGuard comes with out of the box support for Envoy's ExtAuth protocol which is also utilised by API Gateways built over Envoy. SternGuard is battle tested alongside Emissary Ingress, which is also a cloud-native service. Using SternGuard makes it easy to adopt API Gateway pattern in your microservices architecture.

Fine Grain Authorization

SternGuard was built to act as a flexible service which could implement authorization over "anything". Developers are able to use SternGuard's API and/or Kafka consumers to both setup rules and define instance specific permissions. Everything can be done in a composable manner.

OAuth2 Server

SternGuard is also a fully featured authentication service with support to act as an OAuth2 client or server as well. This aids in building integrations such as Zapier, and exposing your API to the public. SternGuard also provides multiple authentication methods to your users.

Stripe Integration

SternGuard is also a complete subscription billing service powered by Stripe. When authorizing requests, it is important to know whether a user's tenant is in good standing. SternGuard supports all the most commonly used pricing schemes such as per seat billing, metered usage, scaled pricing etc.

Here are the tools we used.

All
Backend
Cloud
DevOps
Frontend
Node JS Logo PNG
NodeJS
emissary-ingress
Emissary Ingress
PostgreSQL Logo PNG
PostgreSQL
Redis Logo PNG
Redis
Kafka Logo PNG
Kafka
Docker Logo PNG
Docker
Postman Logo PNG
Postman
opentelemetry
OpenTelemetry
zapier_logo
Zapier
Stripe Logo PNG
Stripe

Ready to start building your product?