blob: 889c51d6e04ae8253fa7cdbaec9b54cb91a004eb (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
|
---
title: "First Factor"
description: "Configuring Authelia First Factor Authentication."
lead: "Authelia uses a username and password for a first factor method. This section describes configuring this."
date: 2022-06-15T17:51:47+10:00
draft: false
images: []
menu:
configuration:
parent: "first-factor"
weight: 102100
toc: true
aliases:
- /c/1fa
- /docs/configuration/authentication/
---
There are two ways to integrate *Authelia* with an authentication backend:
* [LDAP](ldap.md): users are stored in remote servers like [OpenLDAP], [OpenDJ], [FreeIPA], or
[Microsoft Active Directory].
* [File](file.md): users are stored in [YAML] file with a hashed version of their password.
## Configuration
{{< config-alert-example >}}
```yaml
authentication_backend:
refresh_interval: '5m'
password_reset:
disable: false
custom_url: ''
```
## Options
This section describes the individual configuration options.
### refresh_interval
{{< confkey type="string,integer" syntax="duration" default="5 minutes" required="no">}}
This setting controls the interval at which details are refreshed from the backend. Particularly useful for
[LDAP](#ldap).
### password_reset
#### disable
{{< confkey type="boolean" default="false" required="no" >}}
This setting controls if users can reset their password from the web frontend or not.
#### custom_url
{{< confkey type="string" required="no" >}}
The custom password reset URL. This replaces the inbuilt password reset functionality and disables the endpoints if
this is configured to anything other than nothing or an empty string.
### file
The [file](file.md) authentication provider.
### ldap
The [LDAP](ldap.md) authentication provider.
[OpenLDAP]: https://www.openldap.org/
[OpenDJ]: https://www.openidentityplatform.org/opendj
[FreeIPA]: https://www.freeipa.org/
[Microsoft Active Directory]: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/ad-ds-getting-started
[YAML]: https://yaml.org/
|
