Authentication
This section describes configuring user authentication in Lenses.
Last updated
This section describes configuring user authentication in Lenses.
Last updated
2024 © Lenses.io Ltd. Apache, Apache Kafka, Kafka and associated open source project names are trademarks of the Apache Software Foundation.
Authentication is configured in the security configuration file. Lenses Administrator and Basic Auth do not require any configuration.
Multiple authentication configurations can be used together.
Authentication settings go in security.conf.
The following authentication methods are available. Users, regardless of the method need to be mapped to groups.
For BASIC and LDAP authentication types, there is the option to set a policy to temporarily lock the account when successive login attempts fail. Once the lock time window has passed the user can log in again.
These two configuration entries enable the functionality (both of them have to be provided to take effect):
A Group is a collection of permissions that defines the level of access for users belonging to it. Groups consist of:
Namespaces
Application permissions
Administration permissions
When working with LDAP or Active Directory, user and group management is done in LDAP.
Lenses provides fine-grained role-based access (RBAC) for your existing groups of users over data and applications. Create a group in Lenses with the same name (case-sensitive) as in LDAP/AD.
When using an SSO solution such as Azure AD, Google, Okta, OneLogin or an open source like KeyCloak user and group management is done in the Identity Provider.
Lenses provides fine-grained role-based access (RBAC) for your existing groups of users over data and applications. Create a group in Lenses with the same name (case-sensitive) as in your SSO group.
With Basic Authentication, create groups of users and add users to those groups. Authentication and authorization are fully managed, and users can change their passwords.