Server Admins can set or change the site authentication mechanism. This is typically completed during the initial configuration of your Alation system, however, changes can be applied at any time.
On the Authentication tab, you can configure and test the parameters for LDAP authentication and select and save the authentication type.
Alation supports the following types of authentication:
Built-in this is the default authentication with a login and password created by a user. Users can sign up for an account on the login screen and log in after confirming their email.
LDAP requires configuration. You can configure LDAP authentication on the Authentication tab, test it, select LDAP as the active authentication method. For details about LDAP configuration, see User Authentication with LDAP.
SAML requires configuration and cannot be configured in Alation UI. Selecting and saving this value on the Authentication tab only serves informational purposes. SAML authentication should be configured and applied using the Alation backend. For details about SAML configuration, see User Authentication with SAML.
Releases V R6 (5.10.x) and older:
Starting with release V R7 (5.12.x), the Authentication tab also includes sections User Signup Moderation Preference and Default User Role for New Accounts.
User Signup Moderation Preference¶
Allows for turning signup moderation on and off. See Enable Signup Moderation.
Release V R7 (5.12.x):
Default User Role for New Accounts¶
Available from release V R7 (5.12.x)
Informs which role is currently the default. The default role is the role that all new users are assigned when they sign up for an account.
In V R7 (5.12.x), the default role is Viewer and is not configurable.
From release 2020.3, the default role can be configured. To set a default role, select a role from the role dropdown list and Save:
Release 2020.3 and later:
The default role applies to all new users and all authentication methods (built-in, LDAP, or SAML):
New users who sign up using built-in authentication will be assigned the default role;
New users who log in using LDAP authentication will be assigned the default role;
New users who sign up using SAML authentication will be assigned the default role.
The default role assignment can be changed for each individual user on the Admin Settings > Server Admin > Users tab. See Managing Users V R7 (5.12.x) and Later.
Use Custom Groups to Manage User Suspension and Activation¶
From version 2021.1, it is possible to enable automatic suspension and activation of users accounts based on custom group membership. When this option is turned on, the default role and the User Signup Moderation Preference will be deactivated. For details, see Use Custom Groups to Assign User Roles.