Users
Loft provides different authentication mechanisms including password-based authentication and several single sign-on (SSO) options.
Workflows
Add Users
- UI
- kubectl
Create User
Send Invite Link To User (optional)
If you did not specify a password for the user in step 1, Loft will automatically generate an invite link with a one-time access token for this user. If you send these invite links to your users, they will be logged in and asked to change their password.
Reset Passwords
Delete Users
Delete a user using kubectl
:
Data Loss
Deleting a user will also delete all cluster accounts that are owned solely by this user. Deleting these accounts in turn will also delete other related objects such as account quotas and spaces.
Cluster Roles
Loft provides an ClusterRole named loft-management-admin
that can be assigned to users. This role will allow users to manage all Loft-related ressources within the Loft cluster, i.e. user, cluster, team etc.