Akeyless Gateway Overview

Akeyless Gateway is a customer-hosted runtime component that sits between internal workloads and the Akeyless SaaS.

In practice, the Gateway is a stateless service that receives requests from applications, authenticates and authorizes those requests, brokers access to Akeyless services, and enforces local controls such as TLS settings, caching, and forwarding rules.

This allows internal systems to consume Akeyless capabilities such as Dynamic Secrets, Rotated Secrets, KMIP Server, and Classic Keys without directly exposing internal resources to the public network.

What the Gateway Does

The Gateway provides a local control plane and data path for secrets and encryption operations.

Key responsibilities include:

  • Brokering requests from workloads to Akeyless APIs.
  • Enforcing local authentication and access behavior.
  • Managing local cache behavior for resilience during SaaS connectivity issues.
  • Applying local transport security and certificate trust settings.
  • Forwarding logs and telemetry into enterprise observability systems.

How It Fits in Your Architecture

At a high level, workloads call the Gateway, and the Gateway communicates with Akeyless SaaS services over outbound connectivity.

For SaaS service endpoint and connectivity requirements, see Gateway Network Connectivity.

Deployment Models

You can deploy Akeyless Gateway in several operating models, depending on your infrastructure and scaling requirements:

With this Gateway, Akeyless offers:

Gateway Lifecycle Navigation

Akeyless Gateway Architecture

Tutorial

Check out our tutorial video on Installing and Configuring the Gateway.

