ContractSources Sought

Request for Information - Cloud-Native DRM Solution

LIBRARY OF CONGRESS• 2026-CIO-0275

Response Deadline

May 20, 2026

21 days left

Days Remaining

Until deadline

Set-Aside

No Set aside used

Notice Type

Sources Sought

Contract Opportunity Analysis

The Library of Congress is seeking information for a commercial, cloud-native digital rights management solution to support market research and planning. The required solution must protect digital assets and manage persistent usage rights across the library’s digital content workflows, including ingest, encryption, storage, and controlled access. The scope emphasizes API-driven integration with existing AWS and Azure environments and Java, Python, and Angular applications, along with support for authentication, concurrent users, file-format coverage, security controls, auditing, and performance needs in Washington, D.C. Responses are due by May 20, 2026, and the point of contact is Veronica Price, with Stefanie Fitte listed as a secondary contact.

Classification Codes

NAICS Code

Information

PSC Code

DA10

IT AND TELECOM - BUSINESS APPLICATION/APPLICATION DEVELOPMENT SOFTWARE AS A SERVICE

Solicitation Documents

1 Files

Request for Information.pdf

PDF•126 KB•Apr 21, 2026

AI Summary

The Library of Congress (LOC) has issued a Request for Information (RFI) for a commercial, API-driven Digital Rights Management (DRM) solution. This RFI is for market research and planning purposes to find a cloud-native solution that integrates with LOC's existing AWS and Azure infrastructure, Java, Python, and Angular applications. The LOC manages over 2 million digital files annually and requires a DRM solution to secure these assets at rest and in transit, enforcing persistent usage rights. Key requirements include support for MS Entra and login.gov authentication, handling 5,000+ external and 300+ internal concurrent users, and managing various file formats (audio, video, office, text, etc.). The desired workflow involves ingesting, protecting via API encryption, storing protected files in cloud storage, and accessing files through SSO with DRM client validation. Files must remain read-only and encrypted at rest. The LOC seeks detailed technical responses on company profile, FedRAMP status, U.S.-based support, solution architecture (SaaS/PaaS, containerization, client requirements), API capabilities (protocols, SDKs, sandbox, core DRM functions like streaming encryption, policy abstraction, revocation, metadata handling), authentication (OIDC/SAML, JIT provisioning, service accounts, role-based access), security (AES-256, FIPS 140-2/3, BYOK, data residency), performance (latency, offline access), auditing, pricing, and UI features. Responses are due by May 20, 2026.

Related Contract Opportunities

Project Timeline

postedOriginal Solicitation PostedApr 21, 2026

deadlineResponse DeadlineMay 20, 2026

expiryArchive DateJun 4, 2026

Agency Information

Department

LIBRARY OF CONGRESS

Sub-Tier

LIBRARY OF CONGRESS

Office

CONTRACTS SERVICES

Point of Contact

Name

Veronica Price

Emailvprice@loc.gov

Phone2023743046

Place of Performance

Washington, District of Columbia, UNITED STATES

Official Sources

View on SAM.gov