summaryrefslogtreecommitdiff
path: root/docs/content/en/configuration/first-factor/introduction.md
diff options
context:
space:
mode:
Diffstat (limited to 'docs/content/en/configuration/first-factor/introduction.md')
-rw-r--r--docs/content/en/configuration/first-factor/introduction.md70
1 files changed, 70 insertions, 0 deletions
diff --git a/docs/content/en/configuration/first-factor/introduction.md b/docs/content/en/configuration/first-factor/introduction.md
new file mode 100644
index 000000000..2800d3c9c
--- /dev/null
+++ b/docs/content/en/configuration/first-factor/introduction.md
@@ -0,0 +1,70 @@
+---
+title: "First Factor"
+description: "Configuring Authelia First Factor Authentication."
+lead: "Authelia uses a username and password for a first factor method. This section describes configuring this."
+date: 2022-03-20T12:52:27+11:00
+draft: false
+images: []
+menu:
+ configuration:
+ parent: "first-factor"
+weight: 102100
+toc: true
+aliases:
+ - /c/1fa
+ - /docs/configuration/authentication/
+---
+
+There are two ways to integrate *Authelia* with an authentication backend:
+
+* [LDAP](ldap.md): users are stored in remote servers like [OpenLDAP], [OpenDJ], [FreeIPA], or
+ [Microsoft Active Directory].
+* [File](file.md): users are stored in [YAML] file with a hashed version of their password.
+
+## Configuration
+
+```yaml
+authentication_backend:
+ refresh_interval: 5m
+ disable_reset_password: false
+ password_reset:
+ custom_url: ""
+```
+
+## Options
+
+### refresh_interval
+
+{{< confkey type="duration" default="5m" required="no" >}}
+
+This setting controls the interval at which details are refreshed from the backend. Particularly useful for
+[LDAP](#ldap).
+
+### disable_reset_password
+
+{{< confkey type="boolean" default="false" required="no" >}}
+
+This setting controls if users can reset their password from the web frontend or not.
+
+### password_reset
+
+#### custom_url
+
+{{< confkey type="string" required="no" >}}
+
+The custom password reset URL. This replaces the inbuilt password reset functionality and disables the endpoints if
+this is configured to anything other than nothing or an empty string.
+
+### file
+
+The [file](file.md) authentication provider.
+
+### ldap
+
+The [LDAP](ldap.md) authentication provider.
+
+[OpenLDAP]: https://www.openldap.org/
+[OpenDJ]: https://www.openidentityplatform.org/opendj
+[FreeIPA]: https://www.freeipa.org/
+[Microsoft Active Directory]: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/ad-ds-getting-started
+[YAML]: https://yaml.org/