This feature is in private preview and is not publicly available.
Reflector User Guide
Welcome to the Reflector User Guide. This guide contains detailed information about using SPIRL Reflector in your SPIRL System deployment.
Overview
The SPIRL Reflector is an optional resiliency component that enhances the SPIRL workload identity platform by reducing dependency on the Trust Domain Server (TDS) for existing workload scaling operations. The Reflector operates as an intelligent caching proxy that sits between SPIRL Agents and the TDS, enabling continued credential issuance for existing workloads even when the TDS becomes unavailable.
The Reflector enhances this architecture by intercepting credential requests from Agents and either forwarding them to the TDS (normal path) or serving cached credentials when the TDS is unreachable (resilient path).
This design maintains a robust security model while providing steady-state resiliency, allowing existing workloads to scale out even during TDS outages, though new workload clusters still require TDS connectivity for initial credential bootstrapping.
See the below pages for more information about installing or using the Reflector.
📄️ Install SPIRL Reflector in SPIRL System
This feature is in private preview and is not publicly available.
📄️ Monitoring SPIRL Reflector
This feature is in private preview and is not publicly available.
📄️ Configuration Reference
This feature is in private preview and is not publicly available.