Access control

Communication between Leek components is secured with different authentication and authorization mechanisms.

Agent to API

Authentication between the agent and the API uses an API key header plus additional headers that give the Leek API the request context: the API receives requests from different agent subscriptions and must know which Leek application to index the events to. Requests sent from the agent to the API must include these headers:

  • x-leek-org-name - the organization name: the domain name if the Leek user signed up with a GSuite Google account, or the Google account username if the Leek user signed up with a standard Google account.

  • x-leek-app-name - the application name chosen when the application was first created.

  • x-leek-app-key - the API key secret, generated by the Leek API when the application is created.
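
One way the receiving side could check these three headers, as an added example that is not Leek's own code. The registry layout, the stored SHA-256 digest, `authenticate_agent` and `AgentAuthError` are assumptions of this example, and the sample values are constructed.

```python
import hashlib
import hmac

REQUIRED_HEADERS = ("x-leek-org-name", "x-leek-app-name", "x-leek-app-key")

# Constructed sample registry: (org name, app name) -> SHA-256 of the app key.
# Storing a digest rather than the key itself is an assumption of this example.
REGISTRY = {
    ("example.com", "billing"): hashlib.sha256(b"constructed-sample-key").hexdigest(),
}
# Digest compared against when the application is unknown, so that path
# does the same work as a known application.
_DUMMY_DIGEST = hashlib.sha256(b"").hexdigest()


class AgentAuthError(Exception):
    """Raised when an agent request cannot be authenticated."""


def authenticate_agent(headers, registry=REGISTRY):
    """Return the (org, app) pair to index events under, or raise AgentAuthError."""
    # HTTP header names are case-insensitive; normalise before lookup.
    normalised = {k.lower(): v.strip() for k, v in headers.items()}
    missing = [h for h in REQUIRED_HEADERS if not normalised.get(h)]
    if missing:
        raise AgentAuthError("missing headers: " + ", ".join(missing))

    org = normalised["x-leek-org-name"]
    app = normalised["x-leek-app-name"]
    presented = hashlib.sha256(normalised["x-leek-app-key"].encode()).hexdigest()

    expected = registry.get((org, app))
    # Constant-time comparison, and one error message for both "unknown
    # application" and "wrong key", so a caller cannot tell them apart.
    key_ok = hmac.compare_digest(presented, expected or _DUMMY_DIGEST)
    if expected is None or not key_ok:
        raise AgentAuthError("invalid application or key")
    return org, app
```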


Authentication between the web application and the backend uses the Firebase JWT token issued after the user logs in. The API validates the token before processing any request, and also checks whether the user is allowed to call the target endpoint: some endpoints, such as purging or deleting an application, are only permitted for application owners, and other endpoints are only authorized for Leek admins.

Last updated on by Adami Hamza