Secure Production Identity Framework for Everyone

Inspired by the production infrastructure of Google and others, SPIFFE is a set of open-source standards for securely identifying software systems in dynamic and heterogeneous environments.

New to SPIFFE and SPIRE? Learn the basics in 6 minutes

What is SPIFFE?

SPIFFE, the Secure Production Identity Framework For Everyone, provides a secure identity, in the form of a specially crafted X.509 certificate, to every workload in a modern production environment. SPIFFE removes the need for application-level authentication and complex network-level ACL configuration. • Read more


What is SPIRE?

SPIRE, the SPIFFE Runtime Environment, is an extensible system that implements the principles embodied in the SPIFFE standards. SPIRE manages platform and workload attestation, provides an API for controlling attestation policies, and coordinates certificate issuance and rotation. • Read more

Who uses SPIFFE?

SPIFFE is currently used by a variety of projects that both issue and consume SPIFFE IDs.


Issuers

HashiCorp Consul

The Consul Connect service mesh uses the SPIFFE specification for establishing service identities, enabling Consul Connect services to connect with other SPIFFE-compliant systems Read more

Consumers