Centralized YubiKey
Management Platform
Deploy and manage hardware-backed authentication for AD / Entra & OIDC apps at scale — without per-user licensing or SaaS.
Meeting Enterprise & Regulatory Demands
Focused on European public sector, critical infrastructure, and other NIS2-in-scope organizations.
Kleidia helps you meet NIS2 and ISO 27001 requirements around strong authentication, key management, and logging. Final compliance always depends on your overall security program and policies.
NIS2 Compliance Requirements
EU's NIS2 Directive mandates strong multi-factor authentication for critical infrastructure and essential services.
Beyond Password Security
Regulatory frameworks globally require phishing-resistant authentication that passwords cannot provide.
Audit & Accountability
Enterprise compliance demands complete audit trails of device provisioning, usage, and lifecycle events.
Managing YubiKeys Shouldn't Require a Help Desk
Organizations struggle with operational complexity, support overhead, and compliance gaps when managing hardware security keys at scale.
IT Bottlenecks & Ticket Volume
PIN resets and lost keys create constant IT emergencies, slowing users down and draining helpdesk capacity.
Manual Setup & Fragile Integrations
PIV/cert workflows and enterprise integrations (AD/Entra, CA, OIDC) often rely on brittle scripts and ongoing maintenance.
Compliance Without Visibility
Manual processes lack the logging and audit trails needed for standards like NIS2 and ISO 27001.
Kleidia - Built for Enterprise
Everything you need to manage YubiKeys at scale, securely, with low friction.
End-User Self-Service
Users can safely reset PINs and manage certificates without opening tickets. Eliminate IT overhead and deployment delays.
Enterprise-Ready Security
Hardware-backed keys, tightly integrated with your existing PKI. OpenBao-backed certificate issuance, no plaintext secrets at rest, and a complete audit trail for every operation.
Modern Tech Stack
Built with Go, Vue.js 3, PostgreSQL, OpenBao, and Kubernetes for easy self-hosting, upgrades and observability.
Device Lifecycle
Complete YubiKey management from registration to certificate operations and secure deletion.
Scalability & Performance
Scalable to handle thousands of YubiKeys. Scales dynamically with your needs.
IT Operations Friendly
Comprehensive documentation, and Helm charts deployment with automated certificate management.
Transparent, Fixed Pricing
No user-based licensing. No hidden fees. Just honest, predictable pricing built for European enterprises.
Why We Built Kleidia
Our founders experienced firsthand the frustration of unpredictable user-based licensing models. As organization or adaption grows, costs can spiral out of control. Budget planning becomes challenging. We knew there had to be a better way—one that respects enterprise budgets and simplifies procurement. That's why we created Kleidia with transparent, flat-rate pricing from day one.
19,000€
per year + applicable taxes
Everything Included
Complete platform access with no per-user fees
Managed appliance option available for customers who prefer a fully managed Kleidia deployment.
Professional services and implementation quoted separately. Support provided during EU business hours.
Traditional User-Based Licensing
Kleidia Fixed Pricing Model
European Sovereignty & Control
Built in Europe, for European organizations
EU-Based Development
Developed and maintained by European engineering team
Complete Data Control
Deploy in your own infrastructure with full data sovereignty
EU Procurement Friendly
Simplified tender process with transparent, fixed pricing
Simplified Procurement Under EU Regulations
Fixed annual pricing means one line item in your tender instead of per-user estimates, change orders and 'true-ups'.
Licence terms designed to fit standard EU public-sector contracts.
How It Fits Your Stack
Local agents with lightning-fast user experience. Just start and go.
Backend Server
Encryption
Enterprise-Grade Security
Built with security-first principles. Your YubiKeys and secrets are protected by industry-leading encryption.
RSA-OAEP Encryption
4096-bit RSA keys for all sensitive operations. Keys are ephemeral and expire with user sessions.
Zero Plaintext Transmission
Secrets never transmitted unencrypted. Complete end-to-end encryption from client to server.
Complete Audit Trail
Comprehensive logging of all administrative actions and device operations for compliance.
OpenBao Integration
Industry-standard OpenBao for centralized secret management and key rotation.
Ready to Transform Your
YubiKey Lifecycle Management?
Deploy Kleidia with Helm charts. Enterprise-grade solution ready for production environments at any scale.
Featured on Product Hunt
© 2024 Kleidia. Self-hosted YubiKey management platform. Made in EU.