Open Source
Self-managed | always free
Download the open source Boundary binary and run locally within your environments.
Identity-based access
Boundary provides access to applications and critical systems with fine-grained authorizations without managing credentials or exposing your network.
Authenticate & authorize
Authenticate with any trusted identity provider you are already using and authorize access based on granular, logical roles and services.
Connect
Manage dynamic infrastructure and integrate service registries so hosts and service catalogs are kept up-to-date.
Access
Reduce risk of leaking credentials with dynamic secrets and just-in-time credentials. Automate credential brokering to securely access services and hosts with HashiCorp Vault.
How Boundary works
Boundary is a secure remote access solution that provides an easy way to allow access to applications and critical systems with fine-grained authorizations based on trusted identities across clouds, local data centers, low-trust networks.
Armon Dadgar
Co-founder & CTO
Common use cases for Boundary
Identity-based access
Enables privileged sessions for users and applications based on user identity and role.
Session visibility and audit logs
Visibility into session metrics, events, logs, and traces with the ability to export data to business intelligence and event monitoring tools.
Seamless IDP integration
Integrate with IDP of choice, including Azure Active Directory, Okta, and many others that support Open ID Connect.
Dynamic secrets management
Leverage Vault integration for the brokering of Vault secrets to Boundary clients via the command line and desktop clients for use in Boundary sessions.
Service discovery
Automate service discovery and access configuration as workloads are deployed or changed.
Infrastructure as code with Terraform
Define policies and manage Boundary with an Infrastructure as Code approach. Terraform provider supports the full breadth of Boundary configurations.
Boundary in Practice
Tutorial
OIDC Authentication
Set up OIDC with Auth0, Okta, or Azure Active Directory and manage from Boundary's dev mode.
Tutorial
OIDC IdP groups
Integrate with identity providers like Okta, cloud-hosted active directory services with an OIDC frontend, and cloud identity management systems such as AWS IAM.
Tutorial
Vault credential brokering
Integrate with Vault to broker secrets to Boundary clients.
Tutorial
Dynamic host catalogs on AWS
Enable automated discovery and dynamic connetions to target hosts and services on AWS.
Tutorial
Dynamic host catalogs on Azure
Enable automated discovery and dynamic connections to target hosts and services on Azure.
Tutorial
Event filtering and sink configuration
Increase observability of event-logging for operators, allowing for more fine-grained visibility when managing Boundary clusters.
Next Steps
Boundary automates secure identity-based user access to hosts and services across environments.