Midaz Console with Access Manager
Midaz Console does not include native access control. However, if you need to manage users, permissions, and roles, you’ll need to acquire the Access Manager plugin, a paid feature available exclusively to Enterprise clients.
Access Manager brings a robust, centralized RBAC (Role-Based Access Control) system to the table, designed to scale with your team and simplify complex permission setups.
TipNeed this feature? Access Manager is available as part of the Enterprise model. If you'd like to learn more or evaluate it for your use case, get in touch with our team.
Why Access Manager?
Access Manager replaces the Console’s legacy access control with a modern, API-driven model backed by a centralized Identity Provider. It’s built for teams that need clarity, consistency, and control over who can access what.
Each Enterprise environment is single-tenant, which means your access rules are isolated and secure by design.
The Identity Provider takes care of:
- User authorization.
- Role and group management.
- Seamless integration between UI and API.
Our access goals
- Centralize authentication and authorization.
- Make it easy to manage users and permissions through a consistent interface.
- Support role-based access (RBAC) for real-world team structures.
- Provide a scalable solution for fast-growing teams.
Role-Based Access Model (RBAC)
Once Access Manager is activated, you can assign default roles to users. Each role defines what that user can do inside the Console:
| Role | Description | Permissions |
|---|---|---|
| Admin | Full system administrator | Complete access to all features, settings, and resources—including user and role management. |
| Editor | Content and settings manager | Can modify content and update configurations within assigned areas, but doesn’t have full admin rights. |
| Contributor | Task and content collaborator | Can create and contribute content or perform specific actions, but cannot change core settings. |
| Viewer | Read-only user | Can view data and system content but can’t make changes. Ideal for audits or monitoring. |
AttentionCustom roles and permission definitions are not available in v1. Access is managed only through the default role set.
Enabling Access Manager
After installing the Access Manager plugin, you still need to enable it for it to work. This means updating the Auth variables in the .env files of Midaz Ledger, Midaz Console, or any plugin where you want to use Access Manager.
Your configuration should look like this:
# AUTH CONFIGS
PLUGIN_AUTH_ENABLED=true
PLUGIN_AUTH_HOST=http://plugin-auth:4000Where to update
You'll find the relevant .env files in these locations:
-
Midaz Ledger and Midaz Console
/midaz/components/onboarding/midaz/components/transaction/midaz/components/console
-
Other plugins
- The
.envfile should be in the root directory of the plugin.
- The
TipCan’t see the files? Try adjusting your system settings to show hidden files since
.envfiles are often hidden by default.
Rebuild after changes
After updating the environment, rebuild your Docker images to apply the changes:
- In your terminal, go to the root of your Midaz project.
- If Docker is running, stop it:
make down- Then rebuild everything:
make rebuild-upAccessing Midaz Console
After you enable the Access Manager plugin, the login page will appear when you access Midaz Console (Figure 1).
Figure 1. The Midaz Console login page.
First login as admin
The first time you log in as an admin, you can use the default admin credentials:
- Email:
[email protected] - Password:
Lerian@123
After logging in, you’ll go through the Onboarding flow. Once that’s done, you can create the users your Organization needs. These users will use their credentials to access Midaz Console.
ImportantDon’t forget to update the admin password after your first login. It’s a simple step that helps keep your environment secure.
Available actions
With Access Manager enabled, you can:
Updated 20 days ago