OrbitalPassport
Identity Fabric for Every Entity
Every ecosystem has the same problem: too many things need identity, and none of the identity systems were built for what's coming. The average enterprise now runs 45–90 non-human identities for every human one — agents, services, devices, automation clients — and most of them authenticate through workarounds that were never designed for this scale.
OrbitalPassport is the identity fabric. It issues credentials to every entity in your ecosystem — humans, organizations, devices, AI agents, and services — and places them all in the same permission graph with the same trust-scoring system. One identity layer. No special cases.
Key Capabilities
Universal Entity Graph
Humans, organizations, devices, AI agents, and services all get first-class credentials in one unified permission graph. No second-class citizens, no workaround auth.
Trust Scoring
Every entity gets a trust level that evolves with behavior and verification. Scored dynamically — not set once at onboarding and forgotten.
Fine-grained Permissions
Control who can access what, down to the resource level. Role-based and attribute-based access control across every entity type.
Agent & Device Credentials
Purpose-built credential types for non-human entities. API keys, device certificates, agent tokens — all managed in the same system as human accounts.
Multi-app SSO
One login, one session, everywhere. Add new services without rebuilding auth. Your apps redirect to Passport — no authentication code to write, no credential storage on your side.
Enterprise Security
2FA, session management, password recovery, audit logging, and organization-level policy enforcement out of the box.
Design Principles
Five commitments built into every layer of OrbitalPassport — not marketing claims, but architectural decisions.
Accountability
Every action is attributable to an identity. No anonymous operations, no shared credentials, no audit gaps. If something happens, you know exactly which entity did it.
Dynamic Privileges
Permissions adjust based on context, trust score, and behavior — not just role assignment. An agent that drifts from expected patterns gets restricted automatically.
Intent Recording
Every privileged action records why it was requested, not just what happened. Audit trails capture intent alongside outcome for meaningful compliance.
Portability
Identities and credentials are not locked to a single application or deployment. Move between services, environments, and providers without re-onboarding.
Verifiability
Any system in the ecosystem can independently verify an entity’s identity, trust level, and permissions without calling home. Decentralized validation, centralized issuance.
Entity Types
Every entity in the ecosystem gets a first-class identity — same graph, same trust model, same permission system.
| Entity | Credential Type | Trust Progression |
|---|---|---|
| Human Users | Email + password, 2FA, SSO tokens | Verified → Trusted → Admin |
| Organizations | Org certificates, delegated admin | Registered → Verified → Enterprise |
| AI Agents | Agent tokens, scoped API keys | Provisional → Scored → Autonomous |
| Devices / IoT | Device certificates, hardware attestation | Enrolled → Attested → Trusted |
| Services | Service accounts, mutual TLS | Registered → Monitored → Verified |
Trust Lifecycle
From first registration to continuous trust scoring — how entities earn and maintain access.
1. Entity registers with Passport (human signup, agent provisioning, or device enrollment)
2. Initial credential issued at base trust level
3. Progressive verification raises trust: email confirmation → document check → behavioral history
4. Trust score feeds into permission graph — higher trust unlocks broader access
5. Continuous monitoring by OrbitalGuard adjusts trust dynamically based on behavior
How It Works
1. Your apps redirect to Passport for login — humans, agents, and devices alike
2. Passport issues credentials and places the entity in the permission graph
3. Trust level is scored based on verification depth and behavioral history
4. Entity is redirected back — authenticated, authorized, and continuously monitored
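The centralized-issuance, decentralized-validation model from the Verifiability principle and the flow above, as an added Go example that is not OrbitalPassport's own code: the credential body, its field names and the use of Ed25519 are assumptions, and the trust tiers are the AI-agent progression from the entity table (Provisional → Scored → Autonomous).

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/json"
	"fmt"
)

// Credential is a hypothetical body; OrbitalPassport's real credential format is not on the page.
type Credential struct {
	EntityID   string `json:"entity_id"`
	EntityType string `json:"entity_type"`
	TrustLevel string `json:"trust_level"`
}

// trustRank orders the AI-agent progression from the entity table: Provisional < Scored < Autonomous.
var trustRank = map[string]int{"Provisional": 0, "Scored": 1, "Autonomous": 2}

// Issue is the centralized step: only Passport holds the signing key.
func Issue(priv ed25519.PrivateKey, c Credential) (body, sig []byte, err error) {
	if body, err = json.Marshal(c); err != nil {
		return nil, nil, err
	}
	return body, ed25519.Sign(priv, body), nil
}

// Verify is the decentralized step: the relying service needs only the issuer's public key, no call home.
func Verify(pub ed25519.PublicKey, body, sig []byte) (Credential, error) {
	var c Credential
	if !ed25519.Verify(pub, body, sig) {
		return c, fmt.Errorf("signature invalid: credential was not issued by Passport")
	}
	err := json.Unmarshal(body, &c)
	return c, err
}

// Authorize gates an action on trust tier; unknown tiers on either side fail closed.
func Authorize(c Credential, required string) bool {
	have, okHave := trustRank[c.TrustLevel]
	need, okNeed := trustRank[required]
	return okHave && okNeed && have >= need
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // constructed issuer keypair for the demo
	body, sig, _ := Issue(priv, Credential{"agent-42", "ai_agent", "Scored"})
	c, err := Verify(pub, body, sig)
	fmt.Println(err, Authorize(c, "Scored"), Authorize(c, "Autonomous")) // <nil> true false
}
```

A service that only has the public key can reject a tampered or foreign-signed credential locally, which is what makes the "without calling home" property hold.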