Node.js SPIFFE Workload API client
SPIFFE models
typescript client for spiffe
SPIFFE-compliant TypeScript SDK with extended workload identity and attestation support
A TypeScript library for working with SPIFFE workload identities.
SPIFFE/SPIRE workload identity credential store for @datacules/agent-identity
SPIFFE models
SPIFFE/SPIRE identity framework configuration generator CLI
AuthSec SDK for MCP Auth, Services, CIBA, and SPIFFE integration (TypeScript/JavaScript)
Enforcement and accountability layer for AI agents. Bring your own identity (did:key, did:web, SPIFFE, OAuth, did:aps). Policy eval <2ms, 14 constraint dimensions, 403 ops/sec. Gateway enforcement, monotonic narrowing, cascade revocation, Bayesian reputat
Domain infrastructure utilities: rate limiting, offline event queuing, TLS/mTLS configuration, SPIFFE identities, and metrics collection.
The Self-Hostable MCP Agent Runtime OS for the Computer-Use Era. 1,303 APIs across 82 categories, free evolving persistent memory (GraphRAG + episodic), zero-trust agent identity (NIST-aligned SPIFFE/SVID), computer use backend, MCP gateway + policy engin
Advanced security utilities for the Naylence Fame runtime implemented in TypeScript.
Cedar policy evaluation for OVID agent mandates — enforcement, audit, and dashboard
Naylence Runtime - Complete TypeScript runtime
AI Agent 身份认证与数字签名 SDK
Core SPIFFE identity types and Workload API sources
SPIFFE-based mutual TLS integration for rustls
Tokio-native async accept/connect helpers for spiffe-rustls
Rust port of spiffe-go with SPIFFE IDs, bundles, SVIDs, Workload API client, federation helpers, and rustls-based SPIFFE TLS utilities.
SPIFFE/SPIRE workload identity agent for Sentinel reverse proxy
SPIFFE Integration with Rustls to provide Server and Client certs/keys and CA bundle
A harness for creating consistently-shaped servers will less boilerplate
This is a reserved placeholder package to mitigate dependency confusion risks.
Identity projection lifter for the Nucleus substrate. Lifts a JWT-SVID (SPIFFE 2.0) into a Projection::Identity body that the substrate Receipt envelope can carry. Verifier path validates the SVID against a published JWKS — fully offline once the JWKS is fetched.
Identity primitives for the axess workspace: typed identifiers (TenantId, UserId, DeviceId, SessionId, EventId; all `FooId(Uuid)` newtypes via the `define_id!` macro) plus the principal abstraction (unified `Principal` enum with `Human` + `Workload` variants, SPIFFE-shaped `WorkloadId` / `TrustDomain` / `Issuer`, and the async `PrincipalResolver` trait + `CliResolver` impl). Foundation crate, deliberately small: depends only on `axess-rng` (for the DST-injectable `SecureRng` trait), `uuid`, and `thiserror`. No tokio, no axum, no Cedar; axess-core layers session integration plus Cedar entity emission on top of these primitives. See `docs/workload-identity/README.md` for the broader design.
JWT/OIDC, OAuth2, and SPIFFE identity bridging for A1 — bind enterprise identities to Ed25519 delegation keys
JWT/OIDC, OAuth2, and SPIFFE identity bridging for dyolo-kya — bind enterprise identities to Ed25519 delegation keys
A Ruby gem that implements the SPIFFE Workload API client, allowing Ruby applications (like Puppet) to fetch X.509 and JWT SVIDs from a SPIRE Agent over Unix domain sockets.
Convert a flat BOSH manifest for something into a set of Spiff templates.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.