SVID Issuance and Signing

Configure key management and upstream certificate authorities for SVID signing.

📄️SVID Issuance Policy

Managed configuration of SVID TTLs, subjects, and path templates, with optional per-workload overrides.

📄️SPIFFE ID templates

Customize the path structure of SPIFFE IDs.

📄️JWT-SVID customization

Configure JWT claims and audience values.

📄️X.509-SVID customization

Configure X.509 certificate fields and extensions.

🗃Key Wrapping

Encrypt signing keys at rest with an external KMS.

🗃Key Manager

Store signing keys in an external KMS or HSM.

🗃Upstream Certificate Authority

Chain SVIDs to your organization's root CA.