Not everything in Access Manager needs an API call. Lerian Console gives you a visual home for the access tasks most administrators handle day to day. From the Console’s Settings area, you can create and manage users, assign permission groups, and set up machine-to-machine applications without touching the Identity APIs.Documentation Index
Fetch the complete documentation index at: https://docs.lerian.studio/llms.txt
Use this file to discover all available pages before exploring further.
Prerequisites
Before using Access Manager features in Lerian Console, make sure you have:
- Access Manager plugin installed and running
- Access Manager enabled in your environment configuration
- Admin credentials to log into Lerian Console
Once Access Manager is enabled, protected API requests must include an
Authorization header with a valid Bearer access token.Without this header, protected requests will be rejected, even for endpoints that were previously accessible without authentication.Accessing Access Manager settings
Access Manager features are available through the Settings area in Lerian Console:
What you can do
Lerian Console Settings offers two main Access Manager areas:
Managing Users
Create, edit, and delete user accounts. Manage passwords and assign users to permission groups for human access.
Managing Applications
Create and review machine-to-machine applications for service integrations. Use generated client credentials for secure service communication.
What still uses APIs
Console covers the common cases, but not all of them. For anything that isn’t in Console settings, reach for the Identity APIs and Auth APIs:
| Area | Use APIs for |
|---|---|
| Providers | Create, update, delete, link, unlink, and set default communication providers for MFA delivery. |
| MFA | Initiate setup, verify passcodes, enable, disable, and change the preferred MFA method. |
| Token flows | Request tokens, refresh tokens, retrieve user information, and end sessions. |
| Permission checks | Validate a resource-action decision or retrieve the authenticated user’s effective permissions. |
In multi-tenant deployments, Console follows the same tenant boundary as the APIs. The logged-in administrator only sees and manages users and applications in the tenant carried by their authenticated context.
The default admin user created during Access Manager installation cannot be deleted, but you can update its details and password through the Console.
Next steps
- Learn about best practices for Access Manager
- Understand the technical components of Access Manager
- Review API reference for programmatic access