Documentation

Vouch replaces the static secrets your team manages today — AWS access keys, SSH keys, GitHub PATs, registry passwords — with short-lived credentials backed by a YubiKey. One tap, up to 8 hours of access, full audit trail.

New to Vouch? Start with the Getting Started guide to install the CLI and enroll your YubiKey.

Choose your path

For developers

Install the CLI, enroll your YubiKey, and verify your first hardware-backed session.

Start the guide

For admins

Configure organization settings, identity lifecycle, SAML, and device posture policies.

Admin dashboard · SCIM · SAML · Device posture

For security review

Review the credential lifecycle, trust boundaries, failure modes, and migration path.

Security · Threat model · Architecture · Availability · Migration

For DevOps and platform teams

Roll Vouch out to a growing team — AWS, EKS, CodeCommit, CodeArtifact, and more, without becoming the bottleneck.

Use the rollout playbook · Starting from scratch?