About
Built on OIDC and OAuth 2.0. Works with Okta, Ping, Entra ID, Cognito, Curity, OpenAuth, or any other compliant identity provider you already run. The Handled Cloud stack is the only piece that knows about your IDP; your applications do not.
The token set is split between the user's session cookie and edge storage. Neither half is sufficient to reconstruct a token. There is no path on which a single component — browser, edge, or origin — can impersonate the user.
Handled Cloud is IDP-agnostic by design. The engineering cost to migrate between identity providers is the cost of updating one Handled Cloud configuration, not the cost of re-implementing OAuth across every application. That gives you negotiating power with your current supplier and a clean off-ramp when the contract is up.
Handled Cloud runs the full session at a single edge node. Login, logout, refresh, and the JWT that reaches your origin are all handled in one place, so a new gateway or micro-frontend does not need its own identity integration.
Ready to deploy?
Get Started