Handled Cloud is a CDN-native Identity solution that works with your Identity Provider to handle session management, caching and origin configuration.
Sign upEvery team that touches identity in your organisation re-implements OAuth. The implementations drift apart the moment a new micro-frontend ships, a new API gateway is added, or a new identity provider is onboarded. Users get logged out unexpectedly. Tokens expire at the wrong time. Handled Cloud handles the session, OAuth, and token exchange at the Cloudflare edge, in one place, so the inconsistencies stop compounding.
How It Works
01
The browser is given a secure, httpOnly session cookie, which is managed by Handled Cloud, working with your Identity Provider.
02
At the edge, Handled Cloud validates the session cookie and reconstructs the token, forwarding this on to the configured origin.
03
Your API receives a standard Bearer token to validate or introspect with your IDP, no changes needed.
A single Handled Cloud deployment handles identity for every origin in your configuration: micro-frontends, API gateways, backend services. Add a new app by adding a route.
The session cookie is split between the browser and edge storage, so neither half is sufficient to reconstruct a token on its own.
Login, session continuity, and post-quantum security, all in the same deployment.
IDP Agnostic Session Handling
Handled Cloud manages login, logout, and refresh via OIDC with your Identity Provider.
Common Identity Behaviours
When developing frontends, you typically need to implement Identity behaviours such as session timeout, logout and redirect-via-login. The browser needs to load your full javascript bundle before being routed elsewhere.
Identity At The Edge
Handled Cloud is an edge-native solution built on Cloudflare.
Deploy in minutes into your Cloudflare account or ours. Works with any OIDC-compliant identity provider.
Get Started