Skip to main content

Security & Access

Access to the azuma doa Developer Portal is secured through several layers of protection to ensure the safety of your tenant configuration and user data.

Authentication

Authentication to the portal is handled via the azuma doa identity provider itself.

  • Email/Password: Every developer requires a unique account. We recommend using strong, unique passwords.
  • Multifactor Authentication (MFA): We strongly encourage the use of TOTP (Time-based One-Time Password). This adds a second layer of security by requiring a code from an authenticator app (e.g., Google Authenticator, Authy, or Microsoft Authenticator) during login.

Access Control

For organizations with strict security policies, we provide additional network-level restrictions.

  • IP-filter (Optional): You can restrict access to the Developer Portal to specific IP address ranges (e.g., your corporate office network or VPN). When enabled, any login attempt from an unauthorized IP address will be blocked, even with valid credentials.

Role-Based Access Control (RBAC)

Access within the Developer Portal is governed by roles to ensure that users have only the permissions necessary for their tasks.

  • Admin: The highest level of access. Admins can manage all tenant settings, create and delete applications, manage other users, and access sensitive security configurations.
  • Developer: Can manage application configurations, authentication flows, and integration settings. This role is focused on technical implementation and day-to-day development tasks.
  • Support: Designed for troubleshooting and monitoring. Support users typically have read-only access to configurations and can view audit logs or user status to assist end-users without the ability to modify critical tenant infrastructure.
  • Reader: A restricted read-only role. Readers can view configurations and settings but do not have access to sensitive data or troubleshooting tools like audit logs.

You can see the permissions per role in the Developer Portal.