> ## Documentation Index
> Fetch the complete documentation index at: https://docs.coreweave.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Managed Auth

> Abstracted authentication for simplified user management

<Tip>
  Managed Auth is the **recommended path** for handling user authentication across CoreWeave.
</Tip>

**Managed Authentication**, also called **Managed Auth**, is a series of CoreWeave-provided services that abstract authentication to offer customers flexible, simple, and secure methods of authentication management.

The Managed Auth suite includes:

* The [CoreWeave Cloud Console](/security/authn-authz/activate-org)
* CoreWeave [API Access Tokens](/security/authn-authz/managed-auth/api-access)
* Generated [kubeconfig files](/products/cks/auth-access/managed-auth/kubeconfig) for CKS clusters
* Session cookies in the user's web browser when using the Cloud Console

These services authenticate you to your CoreWeave organization and top-level resources. This page introduces the Managed Auth suite for administrators and users who need to understand how authentication works across CoreWeave before configuring access.

<Info>
  To learn more about user permissions and user authorization, see [IAM Access Policies](/security/iam/access-policies) and [Legacy User Permissions](/security/iam/access-policies/legacy-permissions).
</Info>

## Managed Auth and metrics

Grafana metrics are gated behind Managed Auth services. To export metrics or use [CoreWeave Grafana](/observability/managed-grafana), you must use the Managed Auth methods.

## Other authentication methods for CKS clusters

Although Managed Auth is the recommended path, CKS clusters allow additional methods of authentication.

<Warning>
  You must use Managed Auth to create new CKS clusters or VPCs. No other authentication method is supported for these actions. Only existing CKS clusters allow alternative authentication methods.
</Warning>
