Skip to content

Platform & Experience

Please use this forum to share your ideas on how we can improve in any of these areas.
Join our forum to discuss your ideas with Aiven community or check out our public roadmap.

JUMP TO ANOTHER FORUM

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback

16 results found

  1. As a customer, I want to create API Tokens which are not attached to a real user, so that I can enforce the usage of SAML for the whole Organization. Using tokens from a real user usually means that the token has more access than desirable for example monitoring can be done with read-only permissions.

    47 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Roadmapped  ·  1 comment  ·  IAM  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  2. As an Organization administrator
    I want to be able to create and define my own roles
    so that I can specify as granular as possible what users with that roles can or can not do.

    For example:
    - I want to create a new role dedicated to manage and view only billing related information which is used for members of the finance department.
    - I want to create a new role dedicated to manage users and groups which is used by members of the IT department.

    32 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Gathering Interest  ·  3 comments  ·  IAM  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  3. As an IT Administrator I want to automate the on and off-boarding of users and manage their lifecycle in Okta.

    SCIM allows an IT Administrator to provision users and groups automatically to Aiven and keeps them in sync with the identity provider.

    31 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Roadmapped  ·  1 comment  ·  IAM  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  4. As an IT Administrator I want to automate the on and off-boarding of users and manage their lifecycle in Azure AD.

    SCIM allows an IT Administrator to provision users and groups automatically to Aiven and keeps them in sync with the identity provider.

    23 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Gathering Interest  ·  3 comments  ·  IAM  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  5. As an IT Administrator I want to automate the on and off-boarding of users and manage their lifecycle in Google Workspace.

    SCIM allows an IT Administrator to provision users and groups automatically to Aiven and keeps them in sync with the identity provider.

    14 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Gathering Interest  ·  0 comments  ·  IAM  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  6. As an Aiven Administrator
    I want to have an automated way to know when a user's ssl certificates enter their expiration grace period (last 3 months)
    so that I can update the values stored in, say, AWS SecretsManager
    A simple method would be to provide an api that shows the expiration dates for each user (as per the data file available to the Console) so that I could poll once per month, say, and update any certificates in the grace period and use the current acknowledgement api to complete the task.

    11 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Gathering Interest  ·  3 comments  ·  IAM  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  7. As an Organization Administrator, I want the possibility to bypass normal authentication and access procedures, so that I can restore access in an emergency situation for example when SAML authentication fails.

    9 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Gathering Interest  ·  0 comments  ·  IAM  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  8. As an administrator of the Aiven Console
    I want to associate users, teams(/groups) at the Org Unit level
    so that I can have different units within my business control their own infrastructure, projects, services etc.
    In addition, projects created within the Org Units would inherit the same user and group permissions by default

    6 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Gathering Interest  ·  0 comments  ·  IAM  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  9. As an Aiven customer with a verified domain, and therefore the ability to reset my users' credentials, I would like to be able to disable self-service password reset for my users. This is to support internal policies that users' passwords can only be reset by our helpdesk.

    3 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Gathering Interest  ·  0 comments  ·  IAM  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  10. As an Aiven user, I would like to be able to enable 2FA with U2F tokens such as a Yubikey or a Titan Security Key. This is more convenient to use and more secure than the TOTP token option currently offered.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Gathering Interest  ·  0 comments  ·  IAM  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  11. As an Aiven user, I would like to be able to authenticate to the platform with passkeys (i.e. webauthn). This is more convenient and secure than a password. Ideally, I would be able to remove password authentication from my account if I enable or sign up with a passkey.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Gathering Interest  ·  0 comments  ·  IAM  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  12. As a user with multiple devices, I would like to be able to add additional 2FA devices to my authentication profile. Currently, if I want to add a new device, I have to disable 2FA, and then enable it again on every device with the new token key, and re-issue my tokens.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Gathering Interest  ·  0 comments  ·  IAM  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  13. As an Aiven customer with a verified domain, I would like the option to restrict the list of domain names in the email addresses users can use to sign into my account. Particularly, I'd like to prevent users from domains I don't control from being invited to my account. Ideally, I could specify a list of allowed email domains, or at least restrict sign-in to my verified domains. Users with email addresses with domain names not in the list should be denied access.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Gathering Interest  ·  0 comments  ·  IAM  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  14. As an Aiven user depending on platform authentication and using 2FA to improve account security, I would prefer to be able to reset 2FA by the use of recovery codes; simultaneously, I would prefer that resetting my password via email password reset not clear my 2FA settings.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Gathering Interest  ·  0 comments  ·  IAM  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  15. As a customer
    I want to manage RBAC via Terraform (including assigning users as members of groups, and assigning roles to groups for our projects)
    so that I can administer our roles fully in one place without needing to sign in to the portal.
    This is currently blocked due to an issue relating to user invites (see https://github.com/aiven/terraform-provider-aiven/pull/1367#issuecomment-1765722571) - meaning in Terraform we can create users, and create groups, but we cannot assign users as group members (and no resource exists in the Aiven Terraform provider yet to allow us to assign project roles to groups, AFAIK).

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Roadmapped  ·  0 comments  ·  IAM  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  16. As an IT Administrator I want to automate the on and off-boarding of users and manage their lifecycle in OneLogin.

    SCIM allows an IT Administrator to provision users and groups automatically to Aiven and keeps them in sync with the identity provider.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    Gathering Interest  ·  0 comments  ·  IAM  ·  Admin →
    How important is this to you?

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)
  • Don't see your idea?