The Akeyless Dev Hub

Part 2: Authentication & Authorization

At heart, Akeyless is all about authenticating identities and authorizing them to access secrets.

The platform serves two main types of identities: human identities and machine identities. By "machine" we mean scripts, services, microservices, containers, VMs, and so on: anything that is not run manually using a human identity.

Each identity is represented by an Authentication Method object. Each Authentication Method is associated with an Access Role that grants different levels of permission (including create, read, list, update, and deny) to specific secrets. Depending on the permissions granted, the identity either gets access to the secret value, or access to the resource for which the secret is defined.

Examples

Let's see how this process works for a machine identity.

  1. A container that requires credentials to connect to a SQL server uses its AWS Role to authenticate to Akeyless.

  2. Akeyless checks the permissions of the associated Access Role to confirm that the container can access the secret.

  3. Akeyless provides the secret to the container, which uses the credentials to interact directly with the SQL database.

The process is identical for human identities.

Updated 5 months ago

