Key Concepts

Conjur is a security orchestration system. It is designed to work with and enhance your existing tooling and workflows. To this end, we provide many different services and tools to help you secure your development cycle, from initial implementation to running in production. To learn how Conjur can be most effective for your organization, there are a few key concepts to understand.

Role-based access control

The Conjur authorization functionality is based on Role-Based Access Control. A "role" is an identity such as a user or machine, or a collection of roles.

Learn about how this model drives Conjur in RBAC in Conjur .

Machine identity

For Conjur to see everything, each machine is assigned an identity.

Learn how to create and use identities in Machine Identity in Conjur .


Conjur provides encrypted, access controlled, and audited management of infrastructure secrets such as database passwords, SSL certificates and keys, SSH keys, and cloud credentials.

Learn about how Conjur manages access to secrets in Secrets in Conjur .


Conjur is fully programmable through its HTTPS RESTful API. In addition, we provide a comprehensive command-line interface (CLI), as well as API client libraries for several languages.

Learn about security automation with Conjur in Automation in Conjur .

Enterprise directories

You can import Users and Groups from your existing LDAP or ActiveDirectory into Conjur. The result is a "blended" system which extends and enhances your existing enterprise directory.

Learn about how Conjur integrates with existing directories in Directory Integrations with Conjur .