For enterprise

Single-tenant control plane. BYO IdP. Sovereign anchoring.

The enterprise tier ships a Beacons coordinator dedicated to your organization, federated with your existing IdP, with hardware-rooted identity options via eUICC and audit anchoring of your choosing.

Single-tenant coordinator

Your control plane runs on dedicated infrastructure. No noisy neighbors. Multi-region failover within the topology you specify — Fly.io regions or the L1fe AI K3s platform cluster, depending on the workload. Hardened, mTLS-enforced, and operated under a named SLA.

BYO identity provider

SAML 2.0 and OIDC federation to Okta, Azure AD, Google Workspace, Auth0, Keycloak, Ory Hydra, and any compliant provider. The human-root layer of OAS lineage federates to your IdP's subject claim; the rest of the lineage is cryptographic.

Hardware-rooted identity via eUICC

On Enterprise, Beacons offers hardware-bound identities through the eUICC secure element on cellular peers. Private keys live in the SIM. This is the consumed-by-Locks story turned outward — your enterprise can issue hardware-rooted DIDs to field devices via the internal Beacons eUICC API.

Sovereign anchoring options

Audit chain roots can be anchored to a sovereign Sigil network (rather than the public mainnet), to a private chain you operate, or to Sigil mainnet with privacy-preserving commitments. The architecture does not care which.

Named SLA + on-call

A named TAM. A 24/7 on-call rotation that pages directly to L1fe engineers. Quarterly business reviews. Standard enterprise machinery, run by humans who understand the architecture.

See also: Pricing · Trust center · Security model · Contact

Open a fleet

The mesh that fits agents and humans.

A `did:oas`-rooted private mesh that ships peer configurations to any device, anywhere, by policy — not by hand.

Open consoleRead the quickstart