Manage users and policies

Learn how to manage Piiano Vault users, roles, access policies, and authentication options

In this guide, you'll learn about how identity and access management users, roles and policies are represented in the API, how to set IAM configuration, and how to get current IAM configuration. You'll also learn how to regenerate user API key or authenticate a JWT access token generated by an external identity provider.

📄️ How IAM works

Learn about Piiano Vault's identity and access management (IAM), the feature Vault uses to govern access to APIs and data.

📄️ About data access policies

Learn about the Piiano Vault data access policies and how they let you control access to personal and sensitive data.

📄️ Update the IAM configuration

Learn how to update the users, roles, and policies of the Piiano Vault IAM configuration using its TOML file from this step-by-step guide.

📄️ Define users

Learn how to define a user with a role as part of the Piiano Vault identity and access management (IAM) configuration.

📄️ Add capabilities to a role

Learn how to add capabilities to a role as part of the Piiano Vault identity and access management (IAM) configuration.

📄️ Define new policies

Learn how to define new Piiano Vault identity and access management (IAM) policies and add them to a role.

📄️ Regenerate user API key

Learn how to regenerate a user API key, to enable access to the REST API and CLI, using the CLI iam regen-api-key command.

📄️ Set the admin's API key

Vault always has an admin user account, which you use to update the configuration of Vault. Learn how to set the admin user account's API key.

📄️ Configure JWT authentication

Learn how to configure JWT authentication for use as a bearer token to gain access to the Piiano Vault REST API.

📄️ Default IAM Configuration

Learn about the content of the default identity and access management (IAM) configuration provided in Piiano Vault.