Authentication

Authentication modules are configured in the security configuration file. Lenses Administrator and Basic Auth do not require any configuration.

Multiple authentication configurations can be used together.

The admin account 

An admin account is available with default credentials admin/admin. If left at default, the Lenses UI will notify that the setup is insecure. You can secure the admin account.

User accounts 

The supported options to authenticate User accounts are:

Service accounts 

Service accounts are authenticated using custom or generated tokens.

Permissions and groups 

To learn how permissions work, check out the help center.

Account locking 

For BASIC and LDAP authentication type, there is the option to set a policy to temporarily lock the account when successive login attempts fail. Once the lock time window has passed the user can login again.

These two configuration entries enable the functionality (both of them have to be provided to take effect):

# Number of failed login attempts before an account is locked.
lenses.security.lockout.user.attempts.max = "5"

# The time in seconds to keep the account locked.
lenses.security.lockout.user.period.sec = "600"  #10 minutes