Identity and Access Management

The service allows to create and manage user identities and control access to virtual machines and other cloud resources.

Google or GitHub accounts

Users don’t need to create additional accounts: to access your Nebius resources, they can use any of their Google or GitHub accounts.

Two-factor authentication

In Nebius, you can also set up two-factor authentication via Google or GitHub account. Access is granted via the Google Authenticator mobile app.

Service accounts

Create service accounts for your processes so they can connect to your cloud resources as users through the service API.

Inviting users

Organization administrators and owners can add users with a Google/GitHub account as well as federated users.

Single Sign-On

Users can log in to Nebius services through Single Sign‑On (SSO) using their Google accounts or corporate accounts.

User groups

Users can be organized into a group structure, each with different access rights to the cloud.

Intuitive cloud console for a smooth user experience

To use the service, add a user to Nebius and to the one of the organization’s groups.

Full screen image

Questions and answers about IAM

What is Identity and Access Management used for?

The service controls access to resources and lets you configure access rights. You can:

  • add and delete new cloud users,
  • manage access rights to resources by adding users to the groups,
  • create service accounts: special accounts to manage Nebius resources via API,
  • get an IAM token required for authorization via API.