Atlas utilizes an authentication proxy and Keycloak to enable user access and management within the system.

All you need to do is run atlas-server start -p and you're ready to go.

Setup information



By default Atlas uses the following publicly available username and password. Make sure you change them.

Since Atlas uses Keycloak, you can use their documentation for information on how to use the Keycloak Console. The console itself will be located at https://<machine_address>:8443. The admin account can create users and any user can login through the Atlas UI and CLI.

Atlas comes with 2 default accounts that should be changed after testing is done.

Keycloak admin account (used only for accessing the Keycloak admin console):

Username: admin

Password: admin

Atlas test account (used to log into Atlas from the terminal and Atlas Dashboard):

Username: test

Password: test

Useful first steps:

  1. Login to Keycloak via the admin console: https://<machine_address>:8443

  2. Change the admin password using the Keycloak console ("Master" realm > Users > View all users > Edit)

  3. Update the token lifespan to something reasonable for your organization ("Atlas" realm > Realm Settings > Tokens > Access Token Lifespan)

  4. Provision Atlas users ("Atlas" realm > Users > View all users)

Useful Keycloak documentation links

How to launch jobs in an authenticated world

Firstly, you will need to login using the foundations login command. Once you are logged in through the CLI, you can submit any job the way that you normally would (e.g. foundations submit and foundations.submit()).


For the configuration file used by foundations submit and <host> in foundations login <host>, you need to use the address and port of the authentication proxy.


  1. atlas-server start -p

  2. foundations login

  3. Create a config file under ~/.foundations/config/submission called atlas.config.yaml with scheduler_url:

  4. foundations submit atlas .

  5. Open the Atlas UI