Authentication Methods
Information
- There are two authentication methods which can be active at the same time:
- If both methods are active, a part of the users, for example, can be managed via the Active Directory and the other part can only be managed via the application.
Local Users
Information
- In
docker-compose.yml
, activate the authentication method “userpw”: 'METEOR_SETTINGS={..., "userAuth":{ "userpw": true, ...
- Users are only managed in the database.
- Via the parameter Disable Self-Registration, the registration can be disabled.
- Users can be invitied via
SAML
Information
- Configuration of the IdP in PLANTA pulse in the file
docker-compose.yml
:
- The key/value pairs need to be added to the
docker-compose.yml
in 'METEOR_SETTINGS={ "saml":[{...}]
separated by commas.
- Furthermore, the authentication method “saml” needs to be activated in the file
docker-compose.yml
: 'METEOR_SETTINGS={..., "userAuth":{ "saml": true, ...
"provider": "azure", // fix
"entryPoint": <SAML endpoint>,
"issuer": <URL to the application>,
"idpSLORedirectURL": <Single Logout URL on the IdP>,
"federationMetaDataUrl": <URL to the metadata of the IdP, mainly Azure, ADFS>,
"privateKeyFile": <File with the application key, Base64-encoded>,
"privateCertFile": <File with the application certificate, Base64-encoded>
- Users are automatically created in PLANTA pulse when logging in as long as the user does not exist yet (the e-mail address is the criterion).