Account Settings

Suggest Edits

Akeyless offers a number of settings which are available for users to update in their accounts, from personal information to account-wide secrets settings.

Items that can be changed range from the look and feel of the UI to how users interact with secrets to additional security measures.

Update Account Settings from the Akeyless CLI

To view Account Settings options from the CLI, use the following command:

akeyless update-account-settings -h

You can find all the available commands in the CLI Reference.

Update Account Settings from the Akeyless Console

To access these settings, click on the profile image on the top-right corner of the UI and choose "Account Settings".

General Information

Profile Image

To update your profile avatar, click on the pencil icon next to the image. This option is only available from the console.

Branding Logos

A custom logo (for both Light and Dark modes) as well as a custom Favicon can be added by clicking on the respective buttons. This option is only available from the console.

Company Name

Users can update the name of their company by clicking the pencil next to that field.

Account Alias

Option to set an alias for the account, this requires Akeyless Customer Success help, to provide end users an option to sign in to akeyless using a human-friendly string, with an Auth Method full name instead of Access IDs.

Change Password

To change your password, click the "Change Password" button. This option is only available from the console.

Two-Factor Authentication

Users have the ability to add MFA to their accounts using either of the following options. This feature is only available from the console.

  1. Authenticator App: When this feature is enabled, a popup will ask the user to scan the QR code with an authentication app on their device or enter the code given on screen.
  2. Email Address: When this feature is enabled, a popup will ask the user to check their email for a 6-digit code to confirm.

Address

To update the address information on the account, click on the pencil icons, updating the information in each field individually, and clicking on the check mark to save.

Items Settings

Secret Versions

When enabled, this feature allows the user to choose the maximum number of versions of Static Secrets, Rotated Secrets, and Targets to keep in the account for a given item. To update it, click on the pencil icon, choose a number, and click the check mark to save. In addition, you can choose to force a new version on update when versions are enabled in the account.

Delete Protection

When enabled, this feature allows only users with Admin access to delete items in the account and will set the default for new items create with Delete Protection enabled.

Protection Key Type

Users can choose which types of Encryption Keys can be used as a Protection Key for items in the account. Simply enable them to allow the option. DFC cannot be disabled.

Default Protection Key

Users can choose a default Encryption Key to protect all of their items. If you choose to enable Exclusively use default key, this will lock the Encryption Key making it the only option to be used for all items.

Request Access

This allows users to request temporary access or to elevate their current permissions for specific items using a built-in approval workflow which requires approval from the system admin. See the Request Access page for more info.

Password Generation Policy

This feature enables users to set the minimum length of passwords generated by Akeyless for the Password Manager. This includes capital and lowercase letters, numbers, and special characters options.

Dynamic Secret Max TTL

This setting adds support to control globally the Maximum allowed TTL for all Dynamic Secrets in the Account.

Rotated Secret Max Rotation Interval

This setting adds support to control globally the Maximum Auto Rotation Interval for all Rotated Secrets in the Account.

Item Sharing

Item Sharing is enabled by default. Users can also set the default TTL to choose how long shared items will be available to a user whom with an item is shared.

OIDC Provider Settings

This setting is enabled by default. Users can also edit the Signing Algorithm, Rotation TTL, Validation TTL, ID Token TTL, and Access Token TTL. For more information, see the docs on using the OIDC Identity Provider.

Item Naming Convention

Users can choose which characters are invalid for use in item names. Simply add all the characters you want to exclude and hit Enter. Only new items created after this change are affected.

Usage Events

Set a global event for secrets that have not been used or changed within the usage interval, the minimum is 90 days. The usage interval counter will start from the moment this feature is enabled.

Authentication Settings

Authentication Methods TTL

Users can set the default length of time Authentication Methods in the account will last. At the max time set, the user will be logged out of Akeyless.

Account Owner Authentication

This option will force authentication of the Owner of the account. Please note that this action will lock the default login out of the account. Approving this is irreversible and can not be revoked without direct contact with Akeyless Support.

Usage Events

Set a global event for Auth methods that have not been used or changed within the usage interval, the minimum is 90 days. The usage interval counter will start from the moment this feature is enabled.

Updated about 1 month ago