Configuring Projects

In ScaleFT, a project is an authorization scope, similar to a Domain in Active Directory, or a Realm in Kerberos.

A project associates a collection of resources with a set of configurations, including RBAC and access policies.

You can think of a project as a programmable Certificate Authority for client certificates, including OpenSSH CA certificates and X.509 certificates, as well as signed objects such as JWTs which are not certificates.

Creating a New Project

To create a project, click “Projects” in the top bar of the Dashboard, then click “New Project”.

Naming a Project

Choose a unique name to identify your project. It may not contain spaces or special characters, other than -, _, or ..

Server User Account Management

The ScaleFT Agent can be configured to create and manage local user accounts on your servers. This option is enabled on new projects by default.

The alternative user management configurations for ScaleFT entail more coordination between your Identity Provider and your CM system. Please reach out to Support if you would like to deploy ScaleFT without enabling this feature.

Server User Account Management documentation

Adding Groups

Once you have created your project, click on the “Permissions” tab, then click “Add Group” in order to grant a group of users permission to log in to servers in the project.

Group documentation

Server Account Permissions

If your project is configured to manage user accounts on servers, ScaleFT will create an account for each member of a group that you add to the project. You can control the permissions of these accounts when you add the group to the project.

Choose “Admin” under Server Account Permissions if you want server accounts created by ScaleFT to have the abililty to use sudo on Linux, or Administrator privileges on Windows.

Otherwise use “User”, which will grant users the ability to log into the server, and create a user account on the server for users in that group.

Viewing Server Accounts

If your project is configured to create server accounts for users, you can view a list of user accounts that sftd will create on servers under the “Permissions” tab.