AuthFI Connect — Multi-Cloud IAM

AuthFI Connect lets you manage who can access AWS, GCP, Azure, and OCI from a single control plane. Map AuthFI roles and groups to cloud IAM roles — users get temporary credentials or console signin with zero cloud passwords.

How it works

1. Connect cloud accounts — Add your AWS account ID, GCP project, Azure subscription, or OCI tenancy
2. Map roles — AuthFI role “cloud-admin” → AWS arn:aws:iam::123:role/Admin
3. Users get access — Based on their roles/groups, they can get credentials or open the cloud console

User logs in → AuthFI checks roles → Finds cloud mapping → Issues OIDC token → Exchanges for cloud credentials

Supported providers

API Endpoints

User-facing (Auth API)

Admin (Management API)

Policy conditions

Role mappings support conditions:

{
  "require_mfa": true,
  "allowed_ips": ["10.0.0.0/8"],
  "time_window": {
    "start": "09:00",
    "end": "18:00",
    "tz": "UTC"
  }
}

Plan availability

Next steps

• AWS Setup
• GCP Setup (coming soon)
• Azure Setup (coming soon)
• OCI Setup (coming soon)