Authentication
Last updated
Last updated
NannyML Cloud supports three authentication methods:
No authentication: public access to your NannyML Cloud instance
Local authentication: use a predetermined list of usernames and passwords to restrict access to your NannyML Cloud instance
OIDC: use an external Identity Provider such as Microsoft to restrict access to your NannyML Cloud instance
By choosing local authentication you can define a list of users who can access NannyML cloud. Each user requires an email, and a password. After creating a user, it is possible to delete them, but it is not possible to update the user information. This means updating the user password requires deleting and re-creating the user.
You need to add the users manually, setting up the user email and password for each one of them.
The chosen password will appear protected under asterisks symbol '****'. Although the password is not openly displayed, ti is a good practice to use a password manager app to create and share the new password with the new user.
By choosing OIDC authentication, you can add your authentication provider to authorize your users to access NannyML Cloud. You can use built in Azure AD or register your OIDC provider.
Azure AD requires you to provide your tenant ID and client id. you can find instructions on how to find these information on Microsoft configuration documentation.
On custom setup, you need to provide:
Audience ID: A client id token issued by the OAuth 2.0 provider.
Authority URL: A public login URL for the OAuth 2.0 pointing to your tenant
Issuer URL: The OIDC issuer URL
You can find more information about setting up OIDC on this documentation.
Before saving the new configuration changes, remember to test the new configuration setting by clicking on Test authentication. When you click on the Test authentication button, you get redirected to the login page to test the login flow. If the login works, you get back to NannyML Cloud page.