Difference between revisions of "Documentation/Administration/Authentication Methods"
From ScriptRunner
m |
m |
||
| Line 16: | Line 16: | ||
* Click [[File:newButton.png]]. | * Click [[File:newButton.png]]. | ||
| + | |||
| + | * The Create Authentication Service window should now be shown. Enter a name and description for your authentication service and select the Authentication Service Type you want to use: | ||
| + | ** google_auth - This allows you to use Google's OAuth service to authenticate using exiting Google accounts. For this to work, users Login Id's must match their Google email address. | ||
| + | ** ldap - This allows you to hook into existing authentication providers such as Microsoft Active Directory. | ||
| + | ** local - This provides a means of having ScriptRunner do it's own local authentication. | ||
| + | |||
| + | * Depending on the Authentication Service Type selected, you will be prompted for further information. | ||
| + | ** ''google_auth'' | ||
| + | *** Client ID: This is the Client ID shown in the Google Developers Console, as shown below.<br /><br />[[File:GoogleOAuthClientId.png]]<br /><br />Further information on Google OAuth can be found at https://developers.google.com/identity/protocols/oauth2. | ||
| + | |||
| + | ** ''ldap'' | ||
| + | *** LDAP URL: The location of your LDAP server or service (example: ldap://ldap-server-name) | ||
| + | *** LDAP Bind User: The | ||
| + | *** LDAP Bind User Password: | ||
| + | *** LDAP Bind User Password AES Key: | ||
| + | *** LDAP Search Root: | ||
| + | *** LDAP User Object Name: | ||
| + | *** Allow Password Changes: | ||
| + | *** Max Login Attempts: The maximum number of failed attempts allowed for each user account before it becomes automatically locked. | ||
| + | |||
| + | ** ''local'' | ||
| + | *** Password Salt: | ||
| + | *** Password Validitiy Period (days): | ||
| + | *** Max Login Attempts: The maximum number of failed attempts allowed for each user account before it becomes automatically locked. | ||
Revision as of 00:45, 13 June 2020
Documentation :: Administration :: Authentication Methods
ScriptRunner provides a number of authentication methods in order to help ease of access for your users, with authentication methods able to be set at an individual user level.
The three current types of authentication available by default are:
- LDAP
- Google OAuth
- Locally stored passwords
Creating An Authentication Service
- From the menu, select Manage Authentication Services.
- Click
.
- The Create Authentication Service window should now be shown. Enter a name and description for your authentication service and select the Authentication Service Type you want to use:
- google_auth - This allows you to use Google's OAuth service to authenticate using exiting Google accounts. For this to work, users Login Id's must match their Google email address.
- ldap - This allows you to hook into existing authentication providers such as Microsoft Active Directory.
- local - This provides a means of having ScriptRunner do it's own local authentication.
- Depending on the Authentication Service Type selected, you will be prompted for further information.
- google_auth
- Client ID: This is the Client ID shown in the Google Developers Console, as shown below.
Further information on Google OAuth can be found at https://developers.google.com/identity/protocols/oauth2.
- Client ID: This is the Client ID shown in the Google Developers Console, as shown below.
- google_auth
- ldap
- LDAP URL: The location of your LDAP server or service (example: ldap://ldap-server-name)
- LDAP Bind User: The
- LDAP Bind User Password:
- LDAP Bind User Password AES Key:
- LDAP Search Root:
- LDAP User Object Name:
- Allow Password Changes:
- Max Login Attempts: The maximum number of failed attempts allowed for each user account before it becomes automatically locked.
- ldap
- local
- Password Salt:
- Password Validitiy Period (days):
- Max Login Attempts: The maximum number of failed attempts allowed for each user account before it becomes automatically locked.
- local