When setting up your Akeyless account, you will assign it an email address and a password. This authentication method will allow you to invite your teammates to join your account and utilize the items and resources in it using their email addresses and setting up their own passwords.
While this flow is simple and easy to use, we recommend you mainly use it for basic onboarding.



While most authentication methods can be set from either the Akeyless Console or from the CLI, Email invitation to your account is an Akeyless Console exclusive.

Creating an Email Authentication

  1. Log in to the Akeyless Console and go to Users & Auth Methods > New > Email.

  2. Define a Name for the authentication method, and specify the Location as a path to the virtual folder where you want to create the new authentication method, using slash / separators. If the folder does not exist, it will be created together with the authentication method.

  3. Define the remaining parameters as follows:

  • Email: The email address of the invite recipient.

  • Expiration Date: Select the access expiration date. This parameter is optional. Leave it empty for access to continue without an expiration date.

  • Allowed Client IPs: Enter a comma-separated list of CIDR blocks from which the client can issue calls to the proxy. By "client," we mean CURL, SDK, etc. This parameter is optional. Leave it empty for unrestricted access.

  • Allowed Trusted Gateway IPs: Comma separated CIDR blocks. If specified, the Gateway using this IP range will be trusted to forward the original client IP. If empty, the Gateway's IP address will be used.

  • JWT TTL (in minutes): The timespan from acceptance of the invitation to the JWT expiration.

  1. Click "Save".

Saving will automatically send an invitation email to the specified address with a link to set a password and log-in to the account.


What's next?

Make sure to associate your new Authentication Method with an Access Role to grant the relevant permissions within Akeyless.