Skip to main content

Authentication & Authorization

Tigris provides pluggable authentication and authorization support. For authentication Tigris uses OpenID connect built on top of OAuth 2.0 and for authorization it uses stateless JSON Web Token.

Support for customizing the authentication mechanism is also provided. It is possible to use Google, GitHub, LDAP and other SSO providers.

Types of users

Tigris has two types of users:

  • Human users: This type of user authenticates themselves through the web console or the CLI and obtain a JWT.
  • Applications: Applications are what you will use to authenticate with Tigris via the supported client libraries. Each application has a client_id and client_secret associated with it.

Creating an application in web console

Authenticating via CLI

See the CLI/auth section to learn more about authenticating through the CLI as a regular user and then creating an application.

Supported auth providers


Tigris has built in integration with Auth0 as one of the authentication and authorization providers. Tigris Cloud uses rotating JWT and uses Auth0 as the signature authority with RS256 signature algorithm.