How do I set up authentication groups?
A permissions file must be created when authentication is configured for FeatureBase Community.
The permissions file:
- maps the identity provider (IdP) group IDs to read/write permissions to specified FeatureBase indexes
- has one group ID for cluster-level administration access.
Users cannot authenticate with FeatureBase if they do not belong to a group, or the group has no permissions granted to FeatureBase indexes.
Table of contents
Before you begin
- Install FeatureBase Community
- Configure TLS authentication
user-groups: "<group-id1>": "<index1>": "<write>" "<index2>": "<read>" "<group-id2>": "<index1>": "<read>" admin: "<groupd-id3>
| ||name of equivalent group in IdP.|
| ||FeatureBase index to grant as read/write to the group.|
| ||Designated administrator group.|
Restart the FeatureBase Community server if you make alterations to the permissions file
- When TLS is enabled, the scheme must be explicitly defined as
featurebase.confand in the command-line.
/featurebase-install-directory/opt/parameters.yamlmust be duplicated on all nodes of a FeatureBase cluster.