--- title: "Settings" diataxis: how-to applies_to: product: "nirmata-control-hub" audience: ["platform-engineer"] last_updated: 2026-04-16 url: https://docs.nirmata.io/docs/control-hub/settings/ --- > **Applies to:** Nirmata Control Hub 4.0 and later The settings feature in Nirmata allows you to edit and update your user profile details. Users can access their account information in *Settings* > *Account*, and set up **Git**, **Jira**, and **Vault** integrations with Nirmata. >Note: Administrators have access to all resources and can manage other users. In this section you will learn more about the following: 1. [Account](/docs/control-hub/settings/account) 2. [Profile](/docs/control-hub/settings/profile) 3. [Alarms](/docs/control-hub/settings/alarms) 4. [Integrations](/docs/control-hub/settings/integrations) --- ## Multi-Factor Authentication (MFA) for Sensitive Operations Nirmata Control Hub supports Multi-Factor Authentication (MFA) to secure critical workflows. MFA is required for specific high-impact operations and helps ensure that only authorized users can perform them. >NOTE: Only Admin users can configure MFA settings. ## MFA Settings Admins can enforce MFA for the following sensitive operations: * Removing API keys for any or all users * Deleting policy sets in a cluster * Approving policy exception requests Once enforced, any user (including Admins) performing these actions will be required to verify their identity using MFA. Go to `Settings>MFA for Operations` and toggle MFA requirements for the listed operations as necessary. By default, MFA is enabled for all operations. ![image](/images/mfa-settings.png) ## How it Works 1. When a user attempts an MFA-protected operation for the first time, and they have not set up MFA, the system prompts them to set up MFA. 1. After setup, the user will be prompted to enter a valid MFA token (from an authenticator app) before the operation proceeds. 1. If MFA is already configured, the user will be asked for their token directly. >NOTE: Users only need to set up MFA once. Subsequent operations will require a token but not a re-setup. ## User MFA Setup Flow When a non-Admin user attempts a protected action and MFA is required: 1. They will be guided through a one-time MFA setup using a TOTP-based authenticator app (e.g., 2FAS Auth, Google Authenticator). 1. They’ll scan a QR code and enter a verification code from their app. 1. Once setup is complete, they can proceed with the operation by verifying with an MFA token. --- ## AI Preferences Nirmata Control Hub includes powerful AI-driven features to enhance policy authoring and remediation. These features require administrative approval to comply with organizational policies related to AI usage. This section explains how to configure AI settings for your organization within Nirmata Control Hub. ## Accessing AI Settings To manage AI features: 1. Navigate to _Settings>AI_ in the Nirmata Control Hub. 1. The AI Approval section will be displayed. ![image](/images/ai-settings.png) ## AI Features The following AI-powered capabilities are available: * **Policy Copilot:** Generates Kyverno policies from English descriptions. Useful for quickly drafting policy definitions using natural language input. * **Remediation Assistant:** Suggests Kubernetes resource definitions that can resolve policy violations. Helps platform and security teams fix issues quickly and consistently. ## Granting AI Usage Approval To enable AI features for your organization: 1. For each feature listed, select either: * I Agree to approve use of the feature. * I Do Not Agree to disallow its usage. 1. Click Save to apply the selected preferences. >NOTE: These settings are organization-wide and must be configured by an administrator. ## Important Considerations * If AI usage is not approved, the corresponding features will be disabled for all users in your organization. * Settings can be updated anytime by revisiting the AI Settings page. --- ## Account Users can verify their Nirmata subscription details in **Settings > Account**. In the subscription section, the following details are available: * Type * Start Date * License Key Users can also view their Nirmata Quotas and Usage details in **Settings > Account**. The Quotas and Usage section displays the following metrics: * Clusters * Nodes * Pods * Namespaces ## AI Usage Users can monitor their AI usage and credits in the **AI Usage** tab within **Settings > Account**. This section provides detailed tracking of AI-powered feature consumption, including: ### Usage Metrics * **Total Token Used**: Cumulative tokens consumed during the current billing period * **Remaining Credits this Month**: Available credits remaining out of the monthly allocation * **Current billing period**: Shows when the credits will reset ### Conversation History The AI Usage section displays a detailed table of all AI conversations with the following information: * **Date**: Timestamp of the AI interaction * **User**: The user who initiated the AI request * **Model**: The specific AI model used (e.g., AWS Bedrock, Anthropic Claude Sonnet) * **App**: The application context (e.g., copilot, chat) * **Tokens**: Number of tokens consumed in the request * **Request Count**: Number of requests made Users can filter the conversation history by date range to analyze usage patterns over time. When approaching the credit limit, users are notified and can contact their Customer Support representative to increase the limit. --- ## Profile In the **Settings** > **Profile** view, users can **Copy API Key**, **Generate a new API Key**, and **Change Password**. Under *My Settings*, the user's details are displayed with information related to *Name, Email, Identity Provider, Role, and Last Login*. ![image](/images/new_profile.png) **Admin users** can edit their profile information by clicking on the edit button. They can change their *role, name, email address, and identity provider* and turn on multi-factor authentication. ![image](/images/edit_profile.png) --- ## Alarms Nirmata offers comprehensive alarm management capabilities to correlate state and metrics and notify users of any unexpected conditions in their applications or clusters.

## Terminology Object | Description ---------------|---- Alarm Type | An Alarm Type defines the schema for an alarm. This includes data to indicate when the alarm must be triggered, and when it should be cleared. Alarm Notifier | A Notifier includes settings for where and how alarm notifications should be sent. Alarm | An Alarm (or Alarm Instance) captures data for an alarm that is raised, or is in the process of being raised. ## Concepts An alarm is created when the trigger condition specified in an alarm type occurs within the scope specified in the filter. The alarm is automatically cleared when the clear condition for the object is triggered. Alarms can also be dismissed or deleted as needed. --- ## Integrations The **Integrations** section in *Settings* allows integration of the Nirmata platform to third-party applications like **Git**, **GitHub App**, **Slack**, **Venafi**, and **Jira**. ![Integration](/images/integration-new.png) ## GitHub App Nirmata users can integrate GitHub App for secure, enterprise-ready authentication with GitHub repositories. This integration is used by Nirmata AI Agents (like the Remediator Agent) to create pull requests and manage issues. To configure GitHub App integration, see the detailed [GitHub App Integration guide](githubapp/). **Key Benefits:** - Enhanced security with short-lived tokens - Fine-grained permissions and access control - Better audit trail for compliance - Centralized credential management through Nirmata Control Hub ## Git Nirmata users can integrate Git to set up accounts for GitOps. To configure Git, click **Add Git Credentials**/**Create Git Credentials** and add the following Git details: 1. **Name** - A unique identifier for the Git Credential. 2. **Username** - Git username. 3. **Password/ Key** - Git password. >**NOTE:** You can add *Access Controls* to restrict access to Git Credentials. ## Slack Nirmata users can integrate Slack accounts to receive alarm notifications. To configure a Slack account, click **Add Slack Credentials**/**Create Slack Settings** and add the following Slack credentials: 1. **Name** - Name of the Slack account. 2. **API Token** - API access token for the account. >**Note:** Validate the API Token by clicking on the **Validate API Token** button. ## Venafi Nirmata users can integrate the Venafi security system by setting up Venafi credentials. To configure Venafi credentials: 1. Click **Add Venafi Settings**. 2. Enter the following Venafi credentials to add the Venafi security configuration, and click **Add**. * **Name** - Name of the Venafi integration. * **Auth URL** - The authentication URL for the Venafi Trust Protection Platform (TPP). * **HSM URL** - The HSM URL for the Venafi Trust Protection Platform (TPP). * **Username** - Venafi Trust Protection Platform username. * **Password** - Venafi Trust Protection Platform password. * Additional Trusted Certificate (Optional) ## Jira Nirmata users can configure Jira Change Management to automatically track application changes in Jira. To configure and integrate Jira: 1. Click **Create Jira Settings** or **Add Jira Settings**. 2. Enter the following Jira account details: **Name**, **Address**, **Username / Email**, and **Password**. 3. Select the **Accept All Certificates** checkbox if you want to add the certificates. 4. Click **Next**. 5. Enter **Project Key**, **Priority Type ID**, **Issue Type ID**, and click **Next**. 6. Add **Access Control Policy** and click **Finish**.