The SPIFFE Project
Clone or download
drrt Merge pull request #97 from evan2645/remove-svid-test
Remove the svid-test directory
Latest commit 4365db7 Jan 10, 2019


The Secure Production Identity Framework For Everyone (SPIFFE) Project defines a framework and set of standards for identifying and securing communications between web-based services. At its heart, SPIFFE is:

  • A standard defining how services identify themselves to each other. These are called SPIFFE IDs and are implemented as Uniform Resource Identifiers (URIs).

  • A standard for encoding SPIFFE IDs in a cryptographically-verifiable document called a SPIFFE Verifiable Identity Document or SVIDs.

  • An API specification for issuing and/or retrieving SVIDs. This is the Workload API.

The SPIFFE Project is also producing a reference implementation that, in addition to the above, will:

  • Perform node and workload attestation.
  • Implement a signing framework for securely issuing and renewing SVIDs.
  • Provide an API for registering nodes and workloads, along with their designated SPIFFE IDs.

SPIFFE is hosted by the Cloud Native Computing Foundation (CNCF) as a sandbox level project. If you are an organization that wants to help shape the evolution of technologies that are container-packaged, dynamically-scheduled and microservices-oriented, consider joining the CNCF. For details read the CNCF announcement.

SPIFFE Standards

Getting Started

  • spiffe: This repository includes the SPIFFE ID, SVID and Workload API specifications, example code, and tests, as well as project governance, policies, and processes.
  • spire: This is a reference implementation of SPIFFE and the SPIFFE Workload API that can be run on and accross varying hosting environments.
  • spiffe-examples: Examples and demonstrations.
  • go-spiffe: Golang client libraries.



SIGs & Working Groups

Most community activity is organized into Special Interest Groups (SIGs), time-bounded working groups, and our monthly community-wide meetings. SIGs follow these guidelines, although each may operate differently depending on their needs and workflows. Each group's material can be found in the /sigs directory of this repository.

Name Leads Group Slack Channel Meetings
Components Oliver Liu (Google, Inc.) Here Here Notes
Integration: AWS Jon Debonis (Blend, Inc.) Here Here Notes
Integration: gRPC Lizan Zhou (Google, Inc.) Here Here Notes
Integration: Kubernetes Vipin Jain (Pensando, Inc.) & Tao Li (Google, Inc.) Here Here Notes
Specification Evan Gilman (Scytale, Inc.) Here Here Notes

Follow the SPIFFE Project You can find us on Github and Twitter.