Access management
Overview
Section titled “Overview”The workbench mounts @alexbayerl/djed-iam-ui on Settings → Access (/app/settings/access).
IamProviderwraps the app (seeui/src/shell/IamBridge.tsx) and calls the IAM API at same-origin/iam/v1/....atlas-gatewayreverse-proxies/iam/*to the IAM control plane whenATLAS_IAM_HOST(and optionallyATLAS_IAM_PORT) are set.
Permissions
Section titled “Permissions”The Access surface is gated with atlas:access:manage (useHasPermission from @alexbayerl/djed-iam-client). Grant this permission in your IAM role bundles for operators who should manage members and invites.
Project scope
Section titled “Project scope”PeopleAndAccess is scoped with the active project from ProjectProvider (header Project switcher reads IAM memberships).
Invites
Section titled “Invites”Users open /app/access/invite/:token (protected route) to accept or decline an invitation via InviteAcceptScreen.
See also
Section titled “See also”- Gateway route map —
/iamproxy