Airlock as a Service Knowledge Base

Airlock as a Service setup

Create an account

To get started with Airlock as a Service and use the Airlock Console, you must first create an Airlock account by completing the self-registration flow at https://manage.airlock.cloud/ui/. After you complete sign-up, you become the first SaaS administrator of your organization, which is created during registration. You can then complete your organization details, create tenants (each representing an IAM instance), and invite additional administrators. You can also assign invited administrators to tenants.

Complete the registration as follows:

  1. Go to https://manage.airlock.cloud/ui/.

  2. Click sign up here below the login fields.

  3. Enter the required information in the registration form.
    ▶ You will receive an email with a one-time password (OTP).

  4. In the Email verification dialog, enter the OTP in the Security code field to verify your email address.

  5. Enable Airlock 2FA within the next two weeks. Some Airlock Console functionality requires it as a second factor.

  6. Register an mTAN number as a required backup authentication method.

After you register successfully, you can access the Airlock Console. Your organization is created automatically and represents your company.

Risk: Administrator lockout due to loss of 2FA access

If you lose access to your Airlock 2FA device, you may be unable to sign in to the Airlock Console and could lose administrative access to your organization. This risk is especially critical if no other administrator can manage administrator accounts or if all administrators rely on the same 2FA device.

To reduce the risk of an administrator lockout, take one or both of the following actions:

Add a second Airlock 2FA device under:
<Your Name> >> My Account >> Manage 2FA devices

Invite at least one additional administrator with either the SaaS Administrator role or the AMC – Manage administrator role. This allows another administrator to remove and re-invite you if you lose access to your 2FA device.


Setup Airlock as a Service

Next, set up Airlock as a Service according to your company's needs. This includes the following tasks:

Task

Instructions

Completing the organization details

Managing an organization

Creating one or more tenants

Note that each tenant represents an IAM instance.

Managing tenants

Completing the Getting started configuration for each tenant

Note that this quickly applies an initial working configuration to the new tenant, lets you test it, and optionally adjust key parameters within a few minutes.

Getting started

Inviting other administrators and assigning them roles and tenants

Managing administrators

Managing the end-users that use and must access your company's applications

Working with end-users

Working with secrets and keys

Working with vaults