Skip to main content
Authentication and authorization are foundational to protecting your system. While authentication confirms the user is, authorization controls that user can access or do. Both are essential to keep your applications secure and your data safe. In the case of Lerian’s products, since they’re open source and distributed on-premise—along with their plugins—there’s no need for a built-in multi-tenancy layer. Most clients already have their own authentication mechanisms, and we respect that. Still, we know that implementing fine-grained security controls isn’t always straightforward, especially when you’re dealing with critical applications. That’s why we’ve developed the Access Manager: an optional component designed to handle user access and identity management when you need more control at the application level.
Test the Access Manager locallyRun Lerian’s plugins without deploying to Kubernetes using our plugins-docker-compose repository.Keep in mind that these services require a valid license to run. Without it, the application will not start. For license details, check our License documentation.

Why use Access Manager?

When your security strategy requires native, fine-tuned access control across all Lerian ecossystem, Access Manager is your go-to. It helps you manage users, credentials, and application access with performance and flexibility in mind.
Access Manager is available as a part of the Enterprise model. If you’d like to learn more or evaluate it for your use case, get in touch with our team.

Technical specs

  • RESTful APIs and Console interface available.
  • Midaz and its plugins include the lib-auth library, ready to enforce authorization checks.
  • Feature flag available via environment variable PLUGIN_AUTH_ENABLED to toggle validation.
  • OAuth2-based token management and credential flow.
  • Integration-ready with third-party authentication and authorization platforms.
  • Valkey caching to boost performance.
  • Role-based access control (RBAC) aligned with Midaz resource structure.

Use cases

Access Manager is ideal for:
  • Clients looking for built-in authentication and authorization at the application layer.
  • Organizations without a pre-existing IAM solution.
  • Scenarios where secure M2M integrations are needed.
  • Teams that want unified access control across Midaz and all its plugins.