Akeyless launched NHI Federation, a solution that delivers Single Sign-On (SSO) for machines. As organizations increasingly operate workloads across on-premises and multi-cloud environments, platform and security teams face growing challenges in enabling secure and seamless access across these diverse ecosystems.
The Akeyless Non-Human Identity (NHI) Federation solution addresses this complexity by providing a unified, SaaS-based service that facilitates secure authentication and access control across heterogeneous environments. Its patented Distributed Fragments Cryptography (DFC) underpins a zero-knowledge architecture, ensuring that sensitive data remains fully encrypted and inaccessible to any third party, including Akeyless itself.
The solution enables organizations to securely authenticate and authorize machine identities—the digital credentials assigned to workloads, containers, microservices, and applications—across multi-cloud and hybrid environments.
As enterprises scale cloud-native and AI-powered infrastructure, the number of machines (non-human actors such as applications, services, and automated tools) grows exponentially. Each machine must be assigned a machine identity to securely access resources and communicate with other systems. Without centralized management, these identities often rely on static secrets scattered across environments—leading to credential sprawl, operational inefficiencies, and increased risk of breach.
Today, machine identities represent more than 40% of all enterprise identities. Left unmanaged, they expose organizations to service disruptions, lateral movement, and compliance violations. What’s needed is a consistent, zero trust approach to managing and securing machine-to-machine communication across environments.
Akeyless NHI Federation addresses this challenge by replacing static credentials with ephemeral, just-in-time tokens issued through federated authentication. The platform integrates natively with leading cloud identity providers—including AWS IAM, Azure Entra ID, and Google Workload Identity Federation—as well as Kubernetes service accounts and on-premises identity systems. This ensures every machine identity is continuously authenticated and authorized, in line with zero trust principles.
“There’s growing awareness that managing machines isn’t enough—we need to manage their identities just as rigorously as we do for humans,” said Oded Hareven, CEO of Akeyless. “With NHI Federation, we’re delivering what the market has long needed: SSO for machines that works across all environments and eliminates reliance on long-lived secrets. It’s a foundational shift in how modern infrastructure is secured.”
“Organizations already rely on multiple identity providers,” added Refael Angel, CTO of Akeyless. “Our solution unifies those disparate systems into one control plane for Machine Identity Management, reducing operational overhead while enforcing consistent access policies wherever workloads run.”
NHI Federation is built on Akeyless’s patented Distributed Fragments Cryptography (DFC), ensuring no single point of failure. It supports industry standards such as SPIFFE/SPIRE, integrates with the Akeyless Gateway, and offers full audit trails for every machine identity interaction—supporting both compliance needs and forensic investigation. When combined with Akeyless’s capabilities for dynamic secrets generation and automatic rotation, NHI Federation delivers complete IAM for Machines from a single platform.
NHI Federation is available immediately for all Akeyless enterprise customers. The solution deploys through the existing Akeyless Gateway without requiring modifications to cloud configurations or workload code.