1.3.2.1 Local User auth

Local User auth is a primitive username/password-based auth mechanism. All users and passwords are configured statically.

In general, we recommend configuring one of the other providers instead, but for small deployments with only a few users, local user auth may be all you need.

Authentication

Local users are configured on the web node by setting the following env:

CONCOURSE_ADD_LOCAL_USER=myuser:mypass,anotheruser:anotherpass

This configures two users, myuser and anotheruser, with their corresponding passwords.

When local users are configured, the log-in page in the web UI will show a username/password prompt.

Local users can also log in via fly login with the --username and --password flags.

Authorization

Local users are granted access to teams via fly set-team, using the --local-user flag:

$ fly set-team -n my-team \
    --local-user some_username

...or via --config for setting user roles:

roles:
- name: member
  local:
    users: ["some_username"]

Configuring `main` Team Authorization

Local users can be added to the main team authorization config by setting the following env on the web node:

CONCOURSE_MAIN_TEAM_LOCAL_USER=myuser

Multiple users may be specified by comma-separating them.

1.1	Getting Started
1.2	Install
1.3	Auth & Teams
1.4	The `fly` CLI
1.5	Config Basics
1.6	Pipelines
1.7	Vars
1.8	Resources
1.9	Resource Types
1.10	Jobs
1.11	Steps
1.12	Tasks
1.13	Builds
1.14	How-To Guides
1.15	Operation
1.16	Observation
1.17	Internals

1.3.2.1	Local User auth
1.3.2.2	GitHub auth
1.3.2.3	GitLab auth
1.3.2.4	BitBucket Cloud auth
1.3.2.5	CF/UAA auth
1.3.2.6	LDAP auth
1.3.2.7	Microsoft auth
1.3.2.8	Generic OIDC auth
1.3.2.9	Generic oAuth
1.3.2.10	Generic SAML auth

1.3.2.1 Local User auth

Authentication

Authorization

Configuring main Team Authorization

Configuring `main` Team Authorization