Akeyless offers a number of settings which are available for users to update in their accounts, from personal information to account-wide secrets settings.
Items that can be changed range from the look and feel of the UI to how users interact with secrets to additional security measures.
Account Settings options from the CLI, use the following command:
akeyless update-account-settings -h
You can find all the available commands in the CLI Reference.
To access these settings, click on the profile image on the top-right corner of the UI and choose "Account Settings".
To update your profile avatar, click on the pencil icon next to the image. This option is only available from the console.
A custom logo (for both Light and Dark modes) as well as a custom Favicon can be added by clicking on the respective buttons. This option is only available from the console.
Users can update the name of their company by clicking the pencil next to that field.
To change your password, click the "Change Password" button. This option is only available from the console.
Users have the ability to add MFA to their accounts using either of the following options. This feature is only available from the console.
- Authenticator App: When this feature is enabled, a popup will ask the user to scan the QR code with an authentication app on their device or enter the code given on screen.
- Email Address: When this feature is enabled, a popup will ask the user to check their email for a 6-digit code to confirm.
To update the address information on the account, click on the pencil icons, updating the information in each field individually, and clicking on the check mark to save.
When enabled, this feature allows the user to choose the maximum number of versions of Static Secrets, Rotated Secrets, and Targets to keep in the account for a given item. To update it, click on the pencil icon, choose a number, and click the check mark to save.
When enabled, this feature allows only users with Admin access to delete items in the account and will set the default for new items create with Delete Protection enabled.
Protection Key Type
Users can choose which types of Encryption Keys can be used as a Protection Key for items in the account. Simply enable them to allow the option. DFC cannot be disabled.
Default Protection Key
Users can choose a default Encryption Key to protect all of their items. If you choose to enable Exclusively use default key, this will lock the Encryption Key making it the only option to be used for all items.
This allows users to request temporary access or to elevate their current permissions for specific items using a built-in approval workflow which requires approval from the system admin. See the Request Access page for more info.
Password Generation Policy
This feature enables users to set the minimum length of passwords generated by Akeyless for the Password Manager. This includes capital and lowercase letters, numbers, and special characters options.
Item Sharing is enabled by default. Users can also set the default TTL to choose how long shared items will be available to a user whom with an item is shared.
OIDC Provider Settings
This setting is enabled by default. Users can also edit the Signing Algorithm, Rotation TTL, Validation TTL, ID Token TTL, and Access Token TTL. For more information, see the docs on using the OIDC Identity Provider.
Item Naming Convention
Users can choose which characters are invalid for use in item names. Simply add all the characters you want to exclude and hit Enter. Only new items created after this change are affected.
Set a global event for secrets that have not been used or changed within the usage interval, the minimum is 90 days. The usage interval counter will start from the moment this feature is enabled.
Authentication Methods TTL
Users can set the default length of time Authentication Methods in the account will last. At the max time set, the user will be logged out of Akeyless.
Account Owner Authentication
This option will force authentication of the Owner of the account. Please note that this action will lock the default login out of the account. Approving this is irreversible and can not be revoked without direct contact with Akeyless Support.
Set a global event for Auth methods that have not been used or changed within the usage interval, the minimum is 90 days. The usage interval counter will start from the moment this feature is enabled.
Updated 8 days ago