Securing
Akka offers multiple levels of authentication and authorization that can be used to secure services, projects and organizations. Which levels are right for you will depend greatly on your use case. These levels of security are complementary. In some cases, it may make sense to utilize multiple levels of Akka security features.
Project level
Access to projects is managed by granting users roles. Different roles enable different capabilities when interacting with a project. To understand which roles exist and how to assign them, refer to the section Managing project users. Project membership is managed via the akka roles commands.
To allow for scripted access to projects, Akka supports authentication tokens. For details see Integrating with CI/CD tools.
Akka also provides secret management for each project, typically used for passwords, login credentials, keys, etc. You can provide secrets to your services through environment variables. For details see Manage secrets section.
Organization level
Similarly to projects, access to organizations is managed by granting users roles that provide different capabilities. To understand which roles exist and how to assign them, consult the section Managing organization users. Organization membership is managed via the akka organization invitations and akka organization users commands.
Single Sign-On
Akka supports Single Sign-On (SSO) integration via OpenID Connect with third party providers such as Auth0, Okta, and others. The Akka CLI supports configuring the desired OpenID Connect integration. For further details, please contact our support team.
Multifactor authentication (MFA)
Users accounts in Akka may be protected with multifactor authentication (MFA) for increased security. Organizations in Akka can require their members to set up MFA before joining the organization. For further details, please contact our support team.
Audit logging for operating Akka services
Akka records all executed commands when operating services for audit logging purposes. For further details, please contact our support team.