Access Manager provides two services that work together to handle authentication, authorization, and identity management across the Lerian ecosystem. Use these APIs to authenticate users, manage M2M connections, and control access permissions programmatically.Documentation Index
Fetch the complete documentation index at: https://docs.lerian.studio/llms.txt
Use this file to discover all available pages before exploring further.
API architecture
Access Manager is built on two core services, each with its own APIs:
Auth APIs
Manages authentication flows, tokens, and session control.
Identity APIs
Manages users, groups, applications, providers, application-provider links, and MFA configuration.
Error list
Review Auth and Identity error codes.
API requirements
Once Access Manager is enabled, protected product APIs require authentication.Every request must include an
Authorization header with a valid Bearer token, or it will be rejected with a 401 Unauthorized response.Request headers
All authenticated requests must include:Token expiration
- Access tokens expire after 3600 seconds (1 hour)
- Refresh tokens expire after 24 hours
- Plan token refresh before expiration to avoid service interruption
Endpoint groups
Use these overview pages to find the endpoint you need:
- Auth APIs — token requests, token refresh, logout, user information, permission checks, and MFA login challenges.
- Identity APIs — users, groups, applications, providers, provider links, and MFA management.
- Access Manager error list — error codes returned by Auth and Identity.
Next steps
- Review the Using Access Manager guide for workflow examples.
- Learn about Access Manager Components architecture.
- Check Best Practices for security recommendations.