1.2.2.1 Local User auth

Local User auth is a primitive username/password-based auth mechanism. All users and passwords are configured statically.

In general, we recommend configuring one of the other providers instead, but for small deployments with only a few users, local user auth may be all you need.

Authentication

Local users are configured on the web node by setting the following env:

CONCOURSE_ADD_LOCAL_USER=myuser:mypass,anotheruser:anotherpass

This configures two users, myuser and anotheruser, with their corresponding passwords.

When local users are configured, the log-in page in the web UI will show a username/password prompt.

Local users can also log in via fly login with the --username and --password flags.

Authorization

Local users are granted access to teams via fly set-team, using the --local-user flag:

$ fly set-team -n my-team \
    --local-user some_username

...or via --config for setting user roles:

roles:
- name: member
  local:
    users: ["some_username"]

Configuring main Team Authorization

Local users can be added to the main team authorization config by setting the following env on the web node:

CONCOURSE_MAIN_TEAM_LOCAL_USER=myuser

Multiple users may be specified by comma-separating them.