Authentication

Overview

This page describes how to set up authentication for Key UI (Workspace). For information about authenticating java/python/excel client using api key, see KeyAccess

By default Key UI (Workspace) uses WebDataServer for authentication. The section below describes the authentication strategies available in WebDataServer and how to set that

Admin User

A local admin account with username=admin is created by default in WebDataServer. This account cannot be disabled or deleted.

Default password for username=admin is ksadmin

Please update this password by setting the property: KS_WEB_DATA_SERVER_ADMIN_PASSWORD

LDAP

WebDataServer can be setup to use LDAP for authentication.

Sample Configuration

KS_APP_WEB_DATA_SERVER_SECURITY=ldap
KS_APP_WEB_DATA_SERVER_LDAP_URL=ldap://ldap.keysquare.trading:389/dc=keysquare,dc=trading
KS_APP_WEB_DATA_SERVER_LDAP_USER_SEARCH_FILTER=(&(uid={0})(objectclass=person))
KS_APP_WEB_DATA_SERVER_LDAP_USER_SEARCH_BASE=cn=users,cn=accounts

WebDataServer will need to restarted for these settings to take effect

When a user successfully logs into Key UI using their ldap id, a user entry will automatically be created for them in KeyAccess. An administrator can then assign roles to this user by adding it to a user group

Of course, you can create the user entry in KeyAccess ahead of time using the users ldap id in lowercase e.g. HELLO12 will be hello12

We don't currently support auto-assigning users to groups/roles using ldap group membership. Please reach out to us if you're interested in this feature

Overview​

Admin User​

LDAP​

Overview

Admin User

LDAP