Skip to content



Nessie currently supports 3 security modes:

  • No Security
  • Open Id Connect
  • AWS IAM Roles (supported only on the Nessie client side)


Nessie authorization can only be done externally at the moment. However, because of the way that the REST APIs are defined, many operations can be controlled via a layer 7 firewall so that users and systems can be controlled depending on what read/write and types of operations should be allowed.

Metadata authorization

Nessie supports authorization on metadata. Details are described in the Metadata Authorization section.