From login to on-chain call.
Six steps. A single signature. The user experience is one corporate sign-in followed by a normal transaction approval — the on-chain mechanics never surface.
Step 01
Authenticate
User signs in to Azure AD / Entra with corporate SSO and MFA.
Step 02
Authorize
Keycloak resolves the user's roles, groups and entitlements.
Step 03
Bind
SymmetriQ issues or unlocks a DID bound to that identity, scoped to policy.
Step 04
Evaluate
User initiates a contract action; the policy engine evaluates role, quorum, time, rate.
Step 05
Sign
HSM / TPM / Secure Enclave produces the DID signature — keys never leave hardware.
Step 06
Verify
The contract calls the SymmetriQ verifier on-chain. Every step is logged for audit.
Compliance without centralization.
Azure AD, Entra and Keycloak govern who your users are, what role they hold, and what they may do.
Smart contracts on a permissionless EVM care only about a private key — anonymous, ungoverned, irrevocable.
Bolting one onto the other usually means custodial wallets, off-chain whitelists, or a permissioned fork. Each breaks something — control, auditability, or interoperability.
SymmetriQ breaks none of them.