Easily and securely extend Kerberos-based authentication to the cloud

30c028b7 dfd6 4fce 8aab 99e8d731ba29 uc 3


Scytale Enterprise, industry-first service identity platform, allows you to easily and securely extend Kerberos-based authentication infrastructure to the cloud. The solution securely issues short-lived credentials from on-premises identity providers (IdPs) such as Active Directory to cloud and container-based services. It also enables cloud services to access on-premise services without exposing IdPs to the public internet or breaking or changing existing risk policies.

How it works

Scytale Enterprise achieves the above through two core capabilities:

  • Scytale%2f98f5cb39 bde0 499c acb5 2420138e71b0 lock network
    Multi-factor service authentication based on industry standards (SPIFFE)

    Scytale Enterprise orchestrates a zero-trust attestation process that can lean on a configurable union of trusted third parties to provide a strongly attested identity, based on SPIFFE open standard (backed by the Cloud Native Computing Foundation), for cloud (and optionally, on-premises) services. Service identity is thus conferred by a detailed set of identifying attributes of the service in question, rather than by the presence of a service ticket or an IP address. Scytale Enterprise thus provides a highly trusted identity in dynamic environments and avoids the pitfalls of conventional secrets management.

  • Scytale%2f6877d8bb 7f14 487b 9753 fe8bb1907a49 cloud
    Identity brokering from a Kerberos identity provider to SPIFFE-identified services

    Having established the multi-factor identity a service, it is then necessary to be able to deliver to it a scoped, short-lived Kerberos ticket. Scytale Enterprise includes an identity brokering capability in which a SPIFFE-identified service may obtain a short-lived Kerberos service ticket from an identity provider. Theseshort-lived credentials are then delivered directly to the service via a channel secured by the multi-factor authentication process described above.


  • Scytale%2f3b893a4d 932f 4770 8235 588fbc7d908e cloud ok

    Strengthen your security posture and protect your existing investments

  • Scytale%2f748105e5 8ccd 4a7f a0fe d452959ce901 performance

    Boost staff and developer productivity

  • Scytale%2f748105e5 8ccd 4a7f a0fe d452959ce901 performance

    Speed cloud and container adoption

  • Scytale%2ffa7fc66b 8ad2 4aa5 b467 74e1092f1efd time

    Reduce time to market from weeks to minutes

View more use cases

2020 Copyright Scytale Inc