What is Pomerium? | Pomerium
Skip to main content

What is Pomerium?

Pomerium is an open source identity-aware proxy built around the principles of BeyondCorp and zero trust. It secures your internal applications, servers, services, and workloads by continually verifying a user's identity, device state, and request context before granting access.

Unlike VPN or tunnel-based approaches, Pomerium provides a scalable, modern alternative that centralizes access policy without requiring client software.

Key benefits:

  • Seamless, clientless access: No corporate VPN to install or maintain.
  • Granular enforcement: Every request is authenticated and authorized.
  • Extensible: Works across multiple environments (cloud, on-prem, hybrid).
  • Open source: Built on the BeyondCorp model. Transparent, with an active community.

How does it work?

Pomerium intercepts and routes user traffic to protected services through an identity-aware access layer, ensuring every request is validated against your configured identity provider, policies, and device context.

Internal

Pomerium

Identity

Internet

Request Access

Authenticate

Return Claims

Allow or Deny

Forward Request

User

Identity Provider

Pomerium Proxy

Policy Engine

Protected Service

In practice:

  1. Authenticate: Users sign in through your identity provider.
  2. Authorize: Pomerium checks policies to decide who gets access.
  3. Proxy: Traffic to internal apps flows through a secure, policy-enforced route.

This approach simplifies managing access to internal services—no more network-level trust. Instead, trust is tied to identity, context, and a dynamic access policy.

Why Pomerium?

  • Streamlined: No need to juggle separate VPN clients or network ACLs.
  • Future-proof: Native zero trust posture that's ready for remote work, BYOD, or multi-cloud.
  • Fast: Deploy where your apps run; no heavy routing or hardware dependencies.
  • Secure by default: Continuous authentication and authorization ensures only valid requests get through.

Community

  • Get updates: Join pomerium-announce or follow us on Twitter.
  • Get help: Visit Discuss for Q&A and best practices.
  • Report bugs: Search GitHub issues or open a new one if you don't see yours listed.
  • Suggest features: Check for existing feature requests, then open a new issue if needed.

Next steps

Ready to try it out? Check out the Quick Start to spin up Pomerium and secure your first application.

Feedback