Find out what Zero Trust means, add authentication providers like Duo, Okta, Saaspass and, then add your users.

What is Zero-Trust Access Control?

Zero Trust means what it says: you don’t trust anyone, you don’t hand out database logins and you don’t just allow users into your network.

With Cirro, you’ve got granular control over every part of your database infrastructure. Everything is verified and recorded, from who is able to login, when and how they can login, the databases being accessed and the queries being run.


Setup Access Control

Step One: Authentication and Roles

Add Authentication Providers

Cirro supports Duo, Okta, Saaspass and authentication providers. Add these to Cirro before onboarding users.

Add Duo

Add Okta

Add Saaspass


View and manage all your authentication providers.

Manage Authentication Providers

Data Control

Roles make the management of database credentials and privileges much easier than if you granted them to each user in turn.

Start with a keychain role to grant direct database privileges.

Keychain Role

Then grant Cirro and direct database privileges.

Privilege Role

Learn more about Data Control

Data Control Home

Step Two: Onboard Users

Choose whether to add users to Cirro Directory, or integrate LDAP or Azure AD.

Add Cirro Managed Users

Cirro has its own directory service where you can add and manage users. It's a good choice for small teams or specific users like administrators.

During the process, you can add built-in or custom roles, database credentials, table privileges and Cirro privileges.

Create Cirro User Account

Manage your users in the View All Users page.

Manage Users

View privileges granted to users

Privileges Matrix

View database credentials granted to roles

Credentials Matrix

Onboard Directory Services Users

Cirro integrates with Azure AD, LDAP and Okta directory services.

Setup Azure AD

Configure LDAP

Create Okta Users

View your users in the View All Users page.

View all users

Step Three: Define Access Rules

Access Rules define who can login, how they can login, when and how, and what they can access.

Access Rules

Access rules provide application-level security to the Cirro server. They can restrict access to Users, Databases and IP or network addresses either permanently or at specified times.

User Access Rules

Data Control Access Rules

Data Management Access Rules

Learn more about Access Rules and Alert Actions

View Access Rules

View Alert Actions