Secure operator access

Sign in to Coality Command Center

OIDC sign-in with server-managed sessions, safe redirect-back behavior, and a tenant-aware shell that keeps privilege on the server side.

Secure sessionsTenant-aware scopeShared NOC + SOC Operations

Login flow

01
302/303

Redirect to reference IdP

Browser reaches the OIDC authorization flow.

02
httpOnly

Create server session

Opaque session cookie stays out of client JS.

03
/sitemap.xml

Return to work

Coality lands on the intended route after callback.

Auth model

OIDC

Reference IdP active for local verification.

Session cookie

Server-managed

httpOnly and same-site aware.

OIDC Sign-In

Coality local reference IdP

Sign in with the local Keycloak realm to establish a server-managed Coality session. The API stores the opaque session token in an httpOnly cookie and keeps tenant scope on the server side.

After sign-in, Coality will return you to /sitemap.xml.

Sign in with Keycloak

What this sign-in unlocks

Unified operational workspace

Land directly in the command center, incidents workspace, or settings route you requested before authentication.

  • Protected command center and analyst views
  • Server-managed session cookies that stay out of client JavaScript
  • Deterministic logout back to the public Coality sign-in screen