Kalix offers multiple levels of authentication and authorization that can be used to secure services, projects and organizations. Which levels are right for you will depend greatly on your use case. These levels of security are complementary. In some cases, it may make sense to utilize multiple levels of Kalix security features.
Access to projects is managed by granting users roles. Different roles enable different capabilities when interacting with a project. To understand which roles exist and how to assign them, refer to the section Managing project users. Project membership is managed via the
kalix roles commands.
To allow for scripted access to projects, Kalix supports authentication tokens. For details see Integrate with CI/CD tools.
Kalix also provides secret management for each project, typically used for passwords, login credentials, keys, etc. You can provide secrets to your services through environment variables. For details see Manage secrets section.
Similarly to projects, access to organizations is managed by granting users roles that provide different capabilities. To understand which roles exist and how to assign them, consult the section Managing organization users. Organization membership is managed via the
kalix organization invitations and
kalix organization users commands.