TideCloak is a privacy-preserving identity and access management (IAM) platform designed to enhance application security by integrating advanced cryptographic protections directly into authentication, authorization, and governance processes. Built on top of Keycloak, it introduces a "cyber-immune" layer that locks identities, data, and access rights with cryptographic keys that are inaccessible to administrators, cloud providers, vendors, or even the platform's own operators. This approach aims to ensure that security controls remain effective even in the event of severe breaches.
A core feature of TideCloak is its support for "bring your own identity" (BYOiD), allowing users to control their own digital identities without relying on centrally stored passwords. The platform employs digital wallet security and zero-knowledge password authentication, eliminating password repositories and reducing the risk of impersonation or lateral compromise. Policy-driven, tamper-proof authorization is enforced through an authority key that no entity can control, and every validation is sealed with incorruptible proofs. Governance is protected by quorum enforcement, preventing any single administrator from abusing privileges or bypassing workflow processes, and ensuring accountability throughout the system.
TideCloak delivers end-to-end encryption for each session, binding access to device-specific, one-time-use keys and creating secure tunnels between clients and services. 0 (with future SAML support), LDAP/Active Directory federation, centralized user and group management, and multiple authorization models (RBAC, ABAC, UBAC, CBAC). It also offers user self-service consoles, an admin UI and REST API, session and token management, theming and branding options, client libraries for various stacks, Kubernetes-ready deployment, audit and event logging, and extensibility through SPI plugins for custom integrations.
TideCloak is intended for developers and organizations seeking to add robust, privacy-focused authentication, authorization, and user data security to their applications. The platform provides quick integration, including an AI Agent Pack for tools like Cursor, Claude Code, and VS Code, supporting verified playbooks for authentication, encryption, and deployment.
TideCloak sits in PulseGate's Auth & identity category. Securing user authentication and authorization without exposing sensitive credentials or centralizing identity data. TideCloak is a B2B product aimed at developers. It runs on the web and API.
Tide builds and maintains TideCloak, and the product first shipped in 2025. The project is developed in the open on GitHub with 10 stars and 16 commits in the last 90 days. Among its 8 catalogued features are zero-knowledge auth, keycloak compatible, and BYOiD support. TideCloak is currently in beta.
Latest indexed changes and source events
Other apps tracked under the same category.