logo_smallAxellero.io

Settings

Comprehensive configuration options for authentication, permissions, and administrative features.

The Settings section provides comprehensive configuration options for your Axellero Studio applications. Manage authentication, permissions, system configurations, and administrative features.

Settings Categories Overview

CategoryPurposeConfiguration ScopeSecurity Level
Authentication ProvidersConfigure login methods and identity providersApplication/WorkspaceHigh - Controls access
API Access TokensManage programmatic access to applicationsApplication/UserHigh - System access
Language SettingsMulti-language support and localizationApplication/UserLow - User preference
Constants ManagementApplication-wide configuration valuesApplicationMedium - System behavior
Member ManagementUser access, roles, and permissionsOrganization/WorkspaceHigh - Access control

Authentication Provider Types

Provider TypeDescriptionConfiguration RequirementsUse Cases
OAuth 2.0Industry standard authorization frameworkClient ID, Client Secret, Redirect URLsThird-party login (Google, GitHub, Microsoft)
SAMLSecurity Assertion Markup LanguageIdP metadata, SP settings, certificatesEnterprise SSO, corporate identity systems
LDAPLightweight Directory Access ProtocolServer URL, bind credentials, search baseCorporate directories, Active Directory
OpenID ConnectAuthentication layer on top of OAuth 2.0Discovery endpoint, client credentialsModern SSO, identity verification
CustomCustom authentication implementationAPI endpoints, validation logic, user mappingProprietary systems, legacy authentication

API Token Management

Token TypeScopePermissionsExpiration Options
Application TokensSingle application accessRead, write, execute, admin30 days, 90 days, 1 year, never
User TokensUser-specific accessBased on user permissions7 days, 30 days, 90 days
Service TokensService-to-service communicationSpecific API endpointsBased on service requirements
Read-Only TokensData retrieval onlyRead permissions onlyExtended expiration periods

Overview

Studio settings are organized into logical categories that allow you to:

  • Control Access: Manage who can access your applications and what they can do
  • Configure Authentication: Set up secure login methods and identity providers
  • Manage Integrations: Control API access and external integrations
  • Customize Experience: Configure language preferences and application behavior
  • Define Constants: Set up reusable configuration values across your application

Settings Hierarchy

Settings in Axellero Studio follow the platform hierarchy:

Organization-Level Settings

Apply across all workspaces and applications:

  • Organization-wide authentication providers
  • Master user management
  • Global security policies
  • Billing and subscription settings

Workspace-Level Settings

Apply to all applications within a workspace:

  • Workspace authentication configuration
  • Shared constants and configurations
  • Team member access controls
  • Resource sharing policies

Application-Level Settings

Specific to individual applications:

  • Application-specific authentication
  • API tokens and access controls
  • Language and localization settings
  • Application constants and variables

Quick Start

Initial Configuration

When setting up a new application:

  1. Configure Authentication: Set up user login methods
  2. Add Team Members: Invite users and assign roles
  3. Set Up Languages: Configure localization if needed
  4. Define Constants: Add application configuration values
  5. Generate API Tokens: Create tokens for external access

Regular Management

Ongoing settings management:

  • Review Member Access: Regularly audit user permissions
  • Rotate API Tokens: Update tokens for security
  • Update Languages: Add new localizations as needed
  • Manage Constants: Update configuration values as requirements change
  • Monitor Authentication: Ensure secure access configurations

Permission Management

Role-Based Access Control

Role LevelOrganization RightsWorkspace RightsApplication RightsTypical Users
OwnerFull admin, billing, member managementCreate/delete workspaces, full accessAll applications, full configurationFounders, CTOs
AdminMember management, settingsWorkspace admin, member managementApplication configuration, deploymentTechnical leads, DevOps
DeveloperView organization infoDevelopment access, testingBuild, test, modify applicationsSoftware engineers
CollaboratorView organization infoLimited workspace accessSpecific application accessExternal contractors
ViewerOrganization overview onlyRead-only workspace accessView applications, execution logsStakeholders, managers

Permission Granularity

Permission AreaAvailable ControlsScope OptionsSecurity Considerations
Application AccessView, edit, execute, deploy, deletePer-application or bulk assignmentRestrict sensitive applications
Data AccessRead, write, delete, schema modificationTable-level or database-levelProtect sensitive data
Integration ManagementCreate, edit, delete, execute connectorsIntegration-specific or category-basedSecure external system access
Settings ManagementAuthentication, members, constants, tokensSetting-specific permissionsLimit configuration changes

Security Considerations

Access Control

Implement proper security measures:

Role-Based Permissions:

  • Assign minimum necessary permissions
  • Use predefined roles when possible
  • Regularly review and update access rights
  • Implement approval processes for sensitive changes

Authentication Security:

  • Use strong authentication methods
  • Enable multi-factor authentication where available
  • Configure secure password policies
  • Monitor authentication logs for suspicious activity

API Security

Protect programmatic access:

Token Management:

  • Generate unique tokens for each integration
  • Set appropriate token expiration periods
  • Regularly rotate tokens
  • Monitor token usage and access patterns

Access Restrictions:

  • Limit API token permissions to necessary operations
  • Use IP whitelisting when possible
  • Monitor API usage for anomalies
  • Implement rate limiting where appropriate

Data Protection

Safeguard sensitive information:

Configuration Security:

  • Protect sensitive constants and configuration values
  • Use secure storage for credentials and secrets
  • Implement proper access controls for settings
  • Audit configuration changes

Best Practices

User Management

Effectively manage team access:

Onboarding:

  • Create standardized onboarding processes
  • Assign appropriate initial permissions
  • Provide training on platform usage
  • Document role responsibilities

Access Review:

  • Regularly audit user permissions
  • Remove access for inactive users
  • Update permissions as roles change
  • Maintain principle of least privilege

Configuration Management

Maintain consistent configurations:

Documentation:

  • Document all configuration changes
  • Maintain configuration baselines
  • Create change management processes
  • Keep settings documentation current

Testing:

  • Test configuration changes in development environments
  • Validate authentication and access controls
  • Monitor system behavior after changes
  • Have rollback procedures ready

Maintenance

Keep settings current and secure:

Regular Reviews:

  • Schedule periodic settings reviews
  • Update outdated configurations
  • Remove unused API tokens
  • Clean up inactive user accounts

Monitoring:

  • Monitor settings usage and access
  • Track configuration changes
  • Alert on suspicious activities
  • Maintain audit logs

Common Tasks

Adding New Users

  1. Navigate to Settings → Members
  2. Click "Add Member" or "Invite User"
  3. Enter user email and details
  4. Assign appropriate roles and permissions
  5. Send invitation and track acceptance

Creating API Tokens

  1. Go to Settings → API Access Tokens
  2. Click "Generate New Token"
  3. Configure token permissions and expiration
  4. Copy and securely store the token
  5. Document token usage and purpose

Configuring Languages

  1. Open Settings → Language Settings
  2. Add new language configurations
  3. Upload translation files or configure localization
  4. Test language switching functionality
  5. Update application to use new languages

Managing Constants

  1. Access Settings → Constants Management
  2. Add new constants or update existing values
  3. Organize constants by category or purpose
  4. Test applications using updated constants
  5. Document constant purposes and usage

Troubleshooting

Common Issues

Authentication Problems:

  • Verify authentication provider configuration
  • Check user permissions and role assignments
  • Validate authentication settings and credentials
  • Review authentication logs for errors

API Access Issues:

  • Verify token permissions and expiration
  • Check API endpoint configurations
  • Validate request formats and authentication headers
  • Monitor API usage logs for errors

Language/Localization Problems:

  • Verify language configuration settings
  • Check translation file formats and content
  • Validate language switching functionality
  • Test with different browser language settings

Permission Issues:

  • Review user role assignments
  • Check inherited permissions from organization/workspace
  • Validate specific permission configurations
  • Audit recent permission changes

Getting Help

Documentation:

  • Review specific settings category documentation
  • Check troubleshooting guides for detailed solutions
  • Consult API documentation for integration issues
  • Review best practices guides

Support Resources:

  • Contact support for configuration assistance
  • Engage with community forums
  • Check status page for system-wide issues
  • Review release notes for changes and updates

Next Steps

  1. Review Current Settings: Audit your existing configurations
  2. Implement Security Best Practices: Enhance authentication and access controls
  3. Optimize User Management: Streamline member access and permissions
  4. Configure Integrations: Set up API tokens and external connections
  5. Plan Maintenance: Schedule regular settings reviews and updates

Each settings category has detailed documentation to help you configure and maintain your Studio applications effectively.