Security1 min read
Security
Identity, encryption, and secure operations for OpsKnight
Security
This section covers identity management, data encryption, and secure operations for OpsKnight.
In This Section
| Guide | Description |
|---|---|
| OIDC SSO Setup | Configure single sign-on with Google, Okta, Azure, and more |
| Encryption | How secrets are encrypted at rest and how to configure the master key |
Key Concepts
- Authentication is handled by NextAuth.js with OIDC support. See Authentication for the full guide.
- Encryption at rest uses AES-256-CBC envelope encryption. The master key is supplied via the
ENCRYPTION_KEYenvironment variable. - Secrets management — Never commit
NEXTAUTH_SECRETorENCRYPTION_KEYto source control. Use a secrets manager in production.
Related Administration Topics
- Authentication — Local auth, SSO, sessions, and security settings
- Audit Logs — Security event tracking and compliance
Last updated for v1.1
Edit this page on GitHub