heimdall-proxy
Fiscal Host: Open Collective Europe
Development and maintenance of heimdall - an open source identity aware proxy
Contribute
Become a financial contributor.
Financial Contributions
Top financial contributors
Organizations
GitHub Sponsors
€115.69 EUR since Oct 2025
Individuals
Dimitrij Drus
€5 EUR since Aug 2025
heimdall-proxy is all of us
Our contributors 3
Thank you for supporting heimdall-proxy.
Budget
Transparent and open finances.
+€115.69EUR
Completed
Added funds #889137
Credit from Dimitrij Drus to heimdall-proxy •
+€5.00EUR
Completed
Contribution #877286
€
Today’s balance€108.27 EUR
Total raised
€108.27 EUR
Total disbursed
--.-- EUR
Estimated annual budget
€120.69 EUR
Connect
Let’s get the ball rolling!
News from heimdall-proxy
Updates on our activities and progress.
New v0.17.0 release is there 🎉
We’ve just released Heimdall v0.17.0 with several improvements and new features aimed at making rule evaluation and request handling more flexible. Key Changes CEL Authorizer Enhancements: The cel authorize...
Published on August 19, 2025 by Dimitrij Drus
Conversations
Let’s get the discussion going! This is a space for the community to converse, ask questions, say thank you, and get things done together.
Join the Heimdall community
Published on August 19, 2025 by Dimitrij Drus
Join the Heimdall community to discuss ideas, ask questions, and follow development: Discord – the main hub for conversations, feature ideas, support, and real-time discussion....
About
About Heimdall
Heimdall is an open-source Identity-Aware Proxy and Access Control Decision service, specifically designed for modern, cloud-native environments. It enables the adoption of Zero Trust architecture by authenticating, enriching, and authorizing incoming HTTP requests.
Why the project matters
- Reduce the cognitive load of your team: By delegating auth decisions to Heimdall, developers can simplify application logic and shift focus toward core functionality.
- Secure defaults: Heimdall supports default logic for unmatched requests, helping ensure safe and predictable system behavior.
- Reusable, declarative rule definitions: Define RuleSets (e.g., using Kubernetes CRDs or other sources) declaratively and apply them across services to promote consistency and DRY principles
Features & Flexibility
- Enrichment and context injection: Dynamically augment requests with user or contextual data to enhance authorization decisions.
- Support for complex logic: Lets you write powerful yet readable rules to manage pipeline behavior (authentication → authorization → context enrichment).
- Freedom of choice with authentication/authorization systems: Heimdall integrates seamlessly with OpenID Connect and OAuth2 providers, and works with diverse authorization systems — OpenFGA, Ory Keto, OPA, and many more.
How It Works
Heimdall works either as a standalone proxy in front of your services or embedded within an API gateway or proxy (e.g., Kong, NGINX, Envoy, Traefik). It intercepts incoming requests, applies rules, enriches or blocks as needed, then passes control along to your downstream services
Rules can be loaded dynamically from:
- Kubernetes Custom Resources (using the Heimdall RuleSet CRD),
- Cloud storage (like AWS S3, Google Cloud Storage),
- Local filesystem locations,
- Any HTTP(S) endpoint
This design supports centralized or per-service rule management — perfect for dynamic, scalable setups.
Why Support This Collective
This collective exists to sustain and scale heimdall by:
- Funding core development and maintenance
- Expanding documentation, examples, and onboarding resources
- Building new integrations and community-requested features
Supporting the project helps developers and teams everywhere adopt Zero Trust practices with minimal friction.
If Heimdall helps secure your applications, please consider contributing — whether through financial support, documentation contributions, or feedback. Your help ensures the project stays robust, reliable, and growing.
Our team
Dimitrij Drus
Admin
Alik
Admin