-
Notifications
You must be signed in to change notification settings - Fork 24
Authentication configurations
By default actinia uses basic authentication, but you can also disable authentication in the configuration file for the whole actinia API or use OAuth2 e.g. to connect to Keycloak.
By default actinia uses basic authentication. The version and swagger documentation can be requested without authentication:
curl ${ACTINIA_BASE_URL}/api/v3/version
curl ${ACTINIA_BASE_URL}/api/v3/swagger.json
The other endpoints are secured. An example request for the locations is:
curl -u "user:password" ${ACTINIA_BASE_URL}/api/v3/locations
To disable the authentication for the whole actinia API in the actinia configuration file the authentication in the section API has to be set to False. By default it is set to True.
[API]
authentication = False
Setting actinia up with disabled authentication the locations can be reqested via:
curl ${ACTINIA_BASE_URL}/api/v3/locations
Actinia can also verify the Keycloak token. For this a KEYCLOAK section has to be added to the actinia configuration:
[KEYCLOAK]
config_path = /etc/default/keycloak.json
group_prefix = /actinia-user/
where the config_path is the file to the Keycloak OIDC JSON from the actinia client in Keykloak.
Setting actinia up with Keycloak authentication the locations can be reqested via:
TOKEN=xxx
curl -H 'Accept: application/json' -H "Authorization: Bearer ${TOKEN}" ${ACTINIA_BASE_URL}/api/v3/locations | jq
An example DEV setup is explained here.