# Smallstep Platform Reviews **Vendor:** Smallstep **Category:** [Privileged Access Management (PAM) Software](https://www.g2.com/categories/privileged-access-management-pam) **Average Rating:** 4.2/5.0 **Total Reviews:** 10 ## About Smallstep Platform Smallstep is a certificate management and device identity platform that helps organizations automate encryption, authentication, and access control across devices, users, and workloads. It provides a unified approach to establishing digital trust using cryptographic certificates rather than passwords or shared secrets. Smallstep is designed for IT, security, and DevOps teams that manage distributed infrastructure across on-premises, hybrid, and cloud environments. It supports use cases such as device identity verification, Wi-Fi and VPN access control, SSH access management, and secure workload communication. Core Capabilities Certificate Authority and Lifecycle Automation: Step CA Pro serves as an enterprise-grade Certificate Authority (CA) supporting automated issuance, renewal, and revocation of X.509 and SSH certificates. It includes high-availability deployment options, registration authority mode, active revocation (OCSP), and integration with existing PKI and CLM platforms. Device Identity Management: Uses ACME Device Attestation (ACME DA), developed in collaboration with Google and Apple, to verify device authenticity through hardware-backed cryptographic attestation. Hardware-Bound Credentials: Leverages Trusted Platform Modules (TPMs) and Secure Enclaves to generate and store private keys that cannot be exported or cloned. Zero Trust Enablement: Integrates with major identity and device management systems such as Okta, Jamf, Intune, and Workspace ONE to provide certificate-based authentication for Zero Trust network access. Cross-Platform Compatibility: Supports macOS, iOS, iPadOS, Windows, Linux, Android, and ChromeOS devices for unified management across heterogeneous environments. Common Use Cases Managing device-based authentication for Wi-Fi (WPA3 Enterprise / EAP-TLS) and VPNs Automating TLS certificates for internal applications, databases, and APIs Enabling SSH access with short-lived certificates tied to user and device identity Implementing hardware-backed credentials for Zero Trust architectures By replacing password- or token-based authentication with certificate-based verification, Smallstep helps organizations enforce strong cryptographic assurance across devices and systems, improving security posture while reducing administrative overhead. ## Smallstep Platform Pros & Cons **What users like:** - Users find Smallstep to be **easy to implement and use** , enhancing security without complicating the process. (5 reviews) - Users appreciate the **secure access** of Smallstep Platform, enjoying easy management and confidence in device identity control. (3 reviews) - Users appreciate the **effective device identity management** of Smallstep Platform, ensuring robust, seamless access control across platforms. (2 reviews) - Users appreciate the **accessibility** of Smallstep Platform, simplifying certificate management and supporting seamless device identity handling. (2 reviews) - Users appreciate the **cross-platform compatibility** of Smallstep, enabling seamless access across various devices and operating systems. (2 reviews) - Security (2 reviews) - Automation (1 reviews) - Flexibility (1 reviews) - Implementation Ease (1 reviews) - MFA Security (1 reviews) **What users dislike:** - Users find the **expensive pricing** of Smallstep Platform difficult to accommodate within their budget constraints. (3 reviews) - Users find the **complex setup** daunting, often struggling with advanced configurations and integration with older systems. (2 reviews) - Users find the **documentation complex** , making setup challenging, especially with advanced configurations and older systems. (2 reviews) - Users find the **integration difficult** , especially with legacy systems, leading to time-consuming setups and troubleshooting. (2 reviews) - Users find the **poor documentation** challenging, especially for those unfamiliar with certificates or zero-trust models. (1 reviews) - Setup Difficulty (1 reviews) - Steep Learning Curve (1 reviews) ## Smallstep Platform Reviews ### 1. Smart and secure device identity platform - Small Step **Rating:** 4.5/5.0 stars **Reviewed by:** Ayushi J. | Digital Marketing Manager, Small-Business (50 or fewer emp.) **Reviewed Date:** November 08, 2025 **What do you like best about Smallstep Platform?** Smallstep makes device identity and certificate security simple and reliable. It brings zero-trust principles to real devices, not just users, which feels very modern and secure. I like that it works across Windows, macOS, Linux, and mobile devices. Once set up, it runs smoothly and gives strong confidence in device access control. **What do you dislike about Smallstep Platform?** Initial learning curve can feel high if you're not familiar with certificates or zero-trust models. Some advanced setup steps may require technical documentation and security knowledge. **What problems is Smallstep Platform solving and how is that benefiting you?** Smallstep solves the problem of securely proving that a device is trusted before it can access company systems. Instead of only checking the user, it verifies the device itself, making zero-trust security stronger. This removes manual certificate work, reduces security risks, and makes access smoother and more reliable. It gives peace of mind that only approved, secure devices are connecting, which improves safety and saves time. ### 2. Great for Cloud Certificates, but Setup Isn’t Always a Breeze **Rating:** 4.0/5.0 stars **Reviewed by:** Kesit Budi K. | Software engineer, Enterprise (> 1000 emp.) **Reviewed Date:** November 06, 2025 **What do you like best about Smallstep Platform?** Honestly, Smallstep makes dealing with certificates way easier, especially if you work with Kubernetes or want to automate renewals and revocations without a headache. I really like that you can do most things either through a nice command line or a web GUI—so you’re not stuck with just one way of doing things. The open source vibe is strong too; lots of community input, and you’re able to tweak things if you want. Security feels under control since you can manage who’s allowed what pretty quickly. **What do you dislike about Smallstep Platform?** Getting everything up and running can be a bit tricky, especially if you have to link it with older systems that don’t play nice with new tools. The docs help but sometimes you just hit a wall and spend ages figuring out what’s wrong. High-availability stuff and key management could be smoother too—sometimes I wish it just worked out of the box, but you’ll probably need extra setup to get it all synced and stable for bigger teams. **What problems is Smallstep Platform solving and how is that benefiting you?** For me, Smallstep is basically plugging a huge hole in certificate management. Before, keeping track of SSL/TLS certificates, renewals, and making sure everything is secure felt like juggling a bunch of bowling balls—one slip and something breaks. Smallstep automates all the annoying bits, like renewing certs before they expire, revoking access when someone leaves the team, and killing manual setup steps. It saves me a ton of time, especially with cloud tools and Kubernetes, since I don’t have to babysit certificates or write weird scripts just to keep services talking securely. The biggest win is less stress and less downtime. I don’t have to worry about waking up to “your certificate expired” messages or services randomly failing because of some certificate issue. Plus, having everything managed by one platform means security and compliance just happens in the background, no drama. So yeah—Smallstep lets me focus on real work, not on fixing broken certificates! ### 3. Effortless Device Identity and Seamless Integration **Rating:** 4.0/5.0 stars **Reviewed by:** Satendra S. | Developer, Mid-Market (51-1000 emp.) **Reviewed Date:** November 06, 2025 **What do you like best about Smallstep Platform?** I like how effortlessly it handles device identity in a secure and transparent way, easy permission handling, cross platform support. **What do you dislike about Smallstep Platform?** the initial setup can be a bit tricky for users who aren’t familiar with device identity concepts. Additionally, some legacy or non-standard devices may not fully support hardware-based attestation, requiring workarounds. **What problems is Smallstep Platform solving and how is that benefiting you?** we are trying to bridge the gap in device-level security by ensuring that only trusted hardware can access corporate resources. This prevents unauthorized access even if user credentials are compromised. For me, this means greater confidence in securing sensitive data, smoother compliance with internal security policies, and less time spent worrying about rogue or unmanaged devices on the network ### 4. Effortless Certificate Management and Streamlined Device Identity **Rating:** 5.0/5.0 stars **Reviewed by:** jayanth r. | Sr Solution Architect, Mid-Market (51-1000 emp.) **Reviewed Date:** November 08, 2025 **What do you like best about Smallstep Platform?** simplified certificate management, reducing administrative overhead, and closing device identity gaps . **What do you dislike about Smallstep Platform?** Not free after 50 endpoints Documentation complexity for advanced configs **What problems is Smallstep Platform solving and how is that benefiting you?** The product offers end-to-end encryption along with privileged access control. These features provide a strong layer of security, ensuring that data remains protected and only authorized users can access sensitive information. ### 5. Excellent EAP-TLS Research Capabilities **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Primary/Secondary Education | Enterprise (> 1000 emp.) **Reviewed Date:** January 06, 2026 **What do you like best about Smallstep Platform?** Researching EAP-TLS solutions and various cloud PKIS **What do you dislike about Smallstep Platform?** The price of the the product is very concerning **What problems is Smallstep Platform solving and how is that benefiting you?** The Smallstep platform is an excellent vehichle to drice device attesation and PKI ### 6. Easy Certificate Issuing, But Pricing Needs Improvement **Rating:** 2.5/5.0 stars **Reviewed by:** Verified User in Primary/Secondary Education | Enterprise (> 1000 emp.) **Reviewed Date:** January 06, 2026 **What do you like best about Smallstep Platform?** Simple and straightforward certificate issuing **What do you dislike about Smallstep Platform?** Price was much higher than we were able to budget for **What problems is Smallstep Platform solving and how is that benefiting you?** A cloud provider able to issue and manage certificates ### 7. Wonderfully great way of administering and consuming certificates in the cloud native eco-system. **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Retail | Enterprise (> 1000 emp.) **Reviewed Date:** November 06, 2025 **What do you like best about Smallstep Platform?** The ability to use a highly efficient and kubernetes compatible CA and certificate life-time management platform. **What do you dislike about Smallstep Platform?** Was a hard nut to crack ... getting going. But, I'm leaning towards this being the nature of the domain. **What problems is Smallstep Platform solving and how is that benefiting you?** - Cert. issuing - Cert. management - compliant and secure cert. management platform ### 8. Effortless Implementation and Seamless Performance **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Mid-Market (51-1000 emp.) **Reviewed Date:** November 06, 2025 **What do you like best about Smallstep Platform?** Smallstep was very easy to implement and use. **What do you dislike about Smallstep Platform?** Really can't think of a thing; it just works. **What problems is Smallstep Platform solving and how is that benefiting you?** ssh access ### 9. SSH connection and security **Rating:** 4.0/5.0 stars **Reviewed by:** Arthur G. | Software engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** June 16, 2022 **What do you like best about Smallstep Platform?** I like the revoked permissions of users that I don't want to be on the list, when I write the command line and send the request to the server the server rejects the user due to its security configuration. **What do you dislike about Smallstep Platform?** Integrating into legacy application servers is difficult. **What problems is Smallstep Platform solving and how is that benefiting you?** Connect with an alternative user list for more user functions, and share data and configuration by terminal to the server. ### 10. Website security **Rating:** 4.5/5.0 stars **Reviewed by:** Omar O. | Application developer, Small-Business (50 or fewer emp.) **Reviewed Date:** June 17, 2022 **What do you like best about Smallstep Platform?** Data organizer by GUI, web and PC data redundancy, local server to the Internet. Folders and sync **What do you dislike about Smallstep Platform?** To date I have no performance issues, everything works perfectly! **What problems is Smallstep Platform solving and how is that benefiting you?** Organize data in the high-security server, system stability control and data redundancy for each file, configuration and database stored and safe. ## Smallstep Platform Discussions - [What is Smallstep Single Sign-on SSH used for?](https://www.g2.com/discussions/what-is-smallstep-single-sign-on-ssh-used-for) - [View Smallstep Platform pricing details and edition comparison](https://www.g2.com/products/smallstep-platform/reviews?section=pricing&secure%5Bexpires_at%5D=2026-05-15+18%3A22%3A16+-0500&secure%5Bsession_id%5D=a19acf9c-91db-4256-8ea2-af60ca500589&secure%5Btoken%5D=29e110a2b63cb0f57fa8e66675f7078abfe2fa193a2bf11e406ba842cd8e9534&format=llm_user) ## Smallstep Platform Integrations - [SSH Client/ Server](https://www.g2.com/products/ssh-client-server/reviews) ## Smallstep Platform Features **Administration** - Policy, User, and Role Management - Approval Workflows - Automated Provisioning - Bulk Changes - Centralized Management - Self-Service Access Requests **Functionality** - Multi-Factor Authentication - Single Sign-On - BYOD support - Password Vault - Centralized management - Role-based security - Live notifications - Live session recording & playback - Hide passwords - Temporary, time-limited privilege **Monitoring** - Audit Logging - Activity Logging - Anomaly Detection **Reporting** - Audit log - Reporting ## Top Smallstep Platform Alternatives - [JumpCloud](https://www.g2.com/products/jumpcloud/reviews) - 4.5/5.0 (3,830 reviews) - [Microsoft Entra ID](https://www.g2.com/products/microsoft-entra-id/reviews) - 4.5/5.0 (868 reviews) - [Agentforce 360 Platform (formerly Salesforce Platform)](https://www.g2.com/products/agentforce-360-platform-formerly-salesforce-platform/reviews) - 4.5/5.0 (3,775 reviews)