mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
71 lines
1.8 KiB
Markdown
71 lines
1.8 KiB
Markdown
|
---
|
||
|
title: "First Factor"
|
||
|
description: "Configuring Authelia First Factor Authentication."
|
||
|
lead: "Authelia uses a username and password for a first factor method. This section describes configuring this."
|
||
|
date: 2022-03-20T12:52:27+11:00
|
||
|
draft: false
|
||
|
images: []
|
||
|
menu:
|
||
|
configuration:
|
||
|
parent: "first-factor"
|
||
|
weight: 102100
|
||
|
toc: true
|
||
|
aliases:
|
||
|
- /c/1fa
|
||
|
- /docs/configuration/authentication/
|
||
|
---
|
||
|
|
||
|
There are two ways to integrate *Authelia* with an authentication backend:
|
||
|
|
||
|
* [LDAP](ldap.md): users are stored in remote servers like [OpenLDAP], [OpenDJ], [FreeIPA], or
|
||
|
[Microsoft Active Directory].
|
||
|
* [File](file.md): users are stored in [YAML] file with a hashed version of their password.
|
||
|
|
||
|
## Configuration
|
||
|
|
||
|
```yaml
|
||
|
authentication_backend:
|
||
|
refresh_interval: 5m
|
||
|
disable_reset_password: false
|
||
|
password_reset:
|
||
|
custom_url: ""
|
||
|
```
|
||
|
|
||
|
## Options
|
||
|
|
||
|
### refresh_interval
|
||
|
|
||
|
{{< confkey type="duration" default="5m" required="no" >}}
|
||
|
|
||
|
This setting controls the interval at which details are refreshed from the backend. Particularly useful for
|
||
|
[LDAP](#ldap).
|
||
|
|
||
|
### disable_reset_password
|
||
|
|
||
|
{{< confkey type="boolean" default="false" required="no" >}}
|
||
|
|
||
|
This setting controls if users can reset their password from the web frontend or not.
|
||
|
|
||
|
### password_reset
|
||
|
|
||
|
#### custom_url
|
||
|
|
||
|
{{< confkey type="string" required="no" >}}
|
||
|
|
||
|
The custom password reset URL. This replaces the inbuilt password reset functionality and disables the endpoints if
|
||
|
this is configured to anything other than nothing or an empty string.
|
||
|
|
||
|
### file
|
||
|
|
||
|
The [file](file.md) authentication provider.
|
||
|
|
||
|
### ldap
|
||
|
|
||
|
The [LDAP](ldap.md) authentication provider.
|
||
|
|
||
|
[OpenLDAP]: https://www.openldap.org/
|
||
|
[OpenDJ]: https://www.openidentityplatform.org/opendj
|
||
|
[FreeIPA]: https://www.freeipa.org/
|
||
|
[Microsoft Active Directory]: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/ad-ds-getting-started
|
||
|
[YAML]: https://yaml.org/
|