> ## Documentation Index
> Fetch the complete documentation index at: https://docs.lerian.studio/llms.txt
> Use this file to discover all available pages before exploring further.

# What is Access Manager?

> Control who accesses what across Lerian products with centralized authentication, authorization, and identity management.

Authentication and authorization are foundational to protecting your system. While authentication confirms  the user is, authorization controls  that user can access or do. Both are essential to keep your applications secure and your data safe.

In BYOC deployments, most clients already have their own authentication mechanisms, and we respect that. In SaaS deployments, Access Manager is the authentication layer for the entire platform — and [tenant isolation](/en/multi-tenancy) is enforced at the application level through JWT-based context resolution. Either way, Access Manager gives you fine-grained control over who accesses what, without complexity.

The **Access Manager** is an optional component designed to handle user access and identity management when you need more control at the application level.

<Tip>
  **Test the Access Manager locally**

  Run Lerian’s plugins without deploying to Kubernetes using our [plugins-docker-compose repository](https://github.com/LerianStudio/plugins-docker-compose).

  Keep in mind that these services require a valid license to run. Without it, the application will not start. For license details, check our [License documentation](/en/reference/lerians-license).
</Tip>

## Why use Access Manager?

***

When your security strategy requires native, fine-tuned access control across the Lerian ecosystem, Access Manager is your go-to. It helps you manage users, credentials, and application access with performance and flexibility in mind.

All Lerian products and plugins ship with native Access Manager integration. Whether you're running Midaz, Reporter, Tracer, Flowker, or any combination of them, Access Manager provides a single layer of authentication and authorization across your entire stack.

<Tip>
  Access Manager is available as an optional feature under the **Enterprise model**. If you'd like to learn more or evaluate it for your use case, [get in touch with our team](https://lerian.studio/contact).
</Tip>

## Technical specs

***

* RESTful APIs and Console interface available.
* Lerian products and plugins include the `lib-auth` library, ready to enforce authorization checks.
* Feature flag available via environment variable `PLUGIN_AUTH_ENABLED` to toggle validation.
* OAuth2-based token management and credential flow.
* Integration-ready with third-party authentication and authorization platforms.
* Valkey caching to boost performance.
* Role-based access control (RBAC) aligned with Lerian's product resource structures.

## Use cases

***

Access Manager is ideal for:

* Clients looking for built-in authentication and authorization at the application layer.
* Organizations without a pre-existing IAM solution.
* Scenarios where secure M2M integrations are needed.
* Teams that want unified access control across all Lerian products and plugins.