Security
- SSL/TLS Certificates
- Authentication and Authorization

Security

Security is an important topic and this section is devoted to it.

There are many ways to secure a service, such as Chroma and this section attempts to encompass the most common use cases.

Way to secure Chroma include:

In-transit encryption using SSL/TLS certificates
Access control
At-rest encryption
Adding authentication and authorization

SSL/TLS Certificates

Securing your Chroma with a proxy is one of the most common ways to secure your Chroma. Ensuring that all traffic between your client and Chroma server is encrypted is a good practice.

There are multiple ways to secure your Chroma instance using SSL/TLS certificates and here we’ll explore a few.

SSL/TLS certificate in Chroma server - configure and use SSL/TLS certificates directly in Chroma.
Proxy with SSL/TLS termination - use a proxy to terminate SSL/TLS and forward traffic to Chroma.
(Coming soon) Cloud Provider API Gateway with SSL/TLS termination - use a cloud provider’s API Gateway to terminate SSL/TLS and forward traffic to Chroma.

Authentication and Authorization

Chroma offers built-in authentication and authorization mechanisms to secure your Chroma instance.

Chroma-native Auth - Configure Chroma built-in authentication and authorization.

July 31, 2024