EXTENSIONS
User-built models, drivers, vaults, and reports — the parts that plug into swamp.
Filter by what you need and pull what fits.
Zitadel
Careful, non-destructive administration of a Zitadel instance over its Management API (v1 REST), authenticated with a JWT private-key service account. Read/audit of orgs, projects, applications, users and managers; idempotent provisioning of OIDC/API applications and machine (service) users; project-role and user-grant authorization (roles, grants, and the role-assertion flag that surfaces roles in tokens); rotation of client secrets, PATs, machine keys and secrets; and reversible deactivate/reactivate. Machine identities only. The only hard delete is a single, verify-first project-role removal (roles have no deactivate state); secrets are emitted once and marked sensitive.
Trust Network
Inventory and report on OIDC trust policies and workload-identity federation across GitHub, Google Cloud, and Cloudflare One.