Announcing Pomerium v0.20
New year, new big release! We’re thrilled to announce Pomerium v0.20, including:
- Time-saving features for developers
- Making Autocert even more auto-ey
- Giving Enterprises the ability to customize branding and error messages
- As well as changes to how we source identity provider directory data.
So, what’s in v0.20, why is it important, and how does this release better help teams secure frictionless access to apps and services?
New Javascript SDK for app developers
Application developers rejoice — our new Javascript SDK saves you time implementing authentication and authorization for internal application, services, and portals. By using this SDK, developers can placate the security team because Pomerium is handling access control, not the junior dev.
We hope this SDK frees up your time to be productive developing core business features! More time cooking and less time chopping.
Autocert now supports ACME TLS-ALPN
Our users already love that Autocert automagically generates secure, free valid certificates from LetsEncrypt for all routes and domains, but why not make it better? Now, you no longer need to open up additional ports to get TLS certificates. Win-win for everyone.
Pomerium Enterprise: Custom Branding Support
A customer recently expressed that while they like Pomerium purple, they would like to customize Pomerium’s UI for their own purposes. We made it possible!
Pomerium now supports custom logo, branding, and colors for enterprise users. This includes the ability to customize all error messages and prompts so your internal apps have a consistent look and feel!
Pomerium Enterprise: Self-remediation & Custom Errors
This one’s for our buddies in tech support and help desks. Pomerium already provides fine-grained context-based access control (our bread and butter), and this feature provides guidance to end-users for self-remediation when they encounter closed doors. The end goal is to lessen unnecessary support tickets by giving admins the ability to customize error messages and pop-ups so end-users can have a directed user flow to follow.
Some examples:
- User is on probation? “Please reach out to HR, not helpdesk.”
- User’s device identity cannot be trusted? “Please update your browser and encrypt your harddrive.”
- User coming in from a known Tor Exit node? “Sir, this isn’t Wendy’s.”
Pomerium Enterprise: New Group & Directory Sync Plugins
Following up on our zero-trust enabling External Data Sources feature, we’ve moved directory sync into enterprise so all external sources of data are treated in a consistent manner. This enterprise-only feature provides IT teams a more consistent, performant, observable, and enriched directory data source to write access policy against. Your user data will no longer be limited by your identity directory’s capabilities! Fear not, open source users will still be able to source groups information as a custom claims or user_info endpoint where supported.
Next Steps
We always recommend testing new releases in a separate environment before fully implementing them. If you run into any issues, don’t hesitate to let us know by submitting a report on the Pomerium GitHub issue tracker. In addition to the usual bug fixes and general improvements, this release also includes some exciting new features. You can find a full list of updates in the changelog.
Have a Happy 2023!
Working Towards Zero Trust
Using Pomerium at work? Pomerium Enterprise is purpose-built for companies moving from perimeter to zero trust and identity-based access methods. We are proud to support these companies with features and capabilities built specifically for their needs. To learn how Pomerium can support your organization’s needs, checkout our GitHub, documentation, or reach out to us directly.
