Varnish Controller


Authentication is the process by which a user authenticates their identity/credentials to Varnish Controller. This doesn’t mean that the user has access to resources. Resource access depends on the authorization, which consists of permissions.

See authorization how resource access works.

Authentication Types

Authentication can be made in two ways in Varnish Controller.

  • Basic auth
  • Authentication via third-party identity provider (Keycloak)

All Varnish Controller systems require at least one system admin. The system admin has full access to the system and can only be created using the brainz process and not via the REST API. The system admin has access via basic auth to the system via REST API.

Regular basic auth users are created either via the system admin or via an organization user that has account permissions.

When using a third-party Keycloak Identity Provider (IDP) users can log in to the given organization but have no permissions when they start.