Users options:
This is list of options regarding Users section, these options can be set from manage → users.
These options are saved inside given user configuration file. The filename depends on the name of the users → nameOfUser.conf.
⚠️ Note: You can use SHIFT with mouse scroll to scroll horizontally!
| Key | Requirements | Conf File field | Description | Possible values | Default |
|---|---|---|---|---|---|
| Enable | - | enabled | If the given user is enabled and will be allowed to log in | ||
| Username | - | name | Unique username that is identifying given user | String | - |
| Password | - | password | Password that is used to log in as given user. It is stored as hash for safety | String | - |
| Secret | Authentication Mode = Local/Secret | useSecret | Use a secrets manager | Boolean | false |
| Secret Name | Authentication Mode = Local/Secret AND Secret | secretName | Secret to be used by secrets manager. For more information read Secrets | String | - |
| - | Email associated with given user | String | - | ||
| Management Privilege | - | (isAdmin, isReadOnly) | Defines what set of permissions is assigned to a user | None / Admin / Read Only | Admin |
| (Management Privilege) | - | isAdmin | User have admin set of priviliges, allowing them to perform tasks such as configuring settings, managing users, and accessing all resources | Boolean | true |
| (Management Privilege) | - | isReadOnly | User have read only set of priviliges, users will be unable to make any changes to the configuration, but they will retain access to resources based on their filter settings | Boolean | false |
| Audit User | - | isAuditUser | If enabled, the user will have access to audit trails | Boolean | false |
| Portal User | - | isPortalUser | If enabled, the user will have access to portal mode | Boolean | false |
| Authentication Mode | - | (isLdapEnabled, isKerberosEnabled, isSamlEnabled, isJwtEnabled) | Authentication method to perform authentication by | Local/Secret / LDAP / SAML / Kerberos | Local/Secret |
| (Authentication Mode) | - | isLdapEnabled | Should LDAP be used for the given user | Boolean | false |
| LDAP Configuration | Authentication Mode = LDAP | ldapConfigData | LDAP configuration to be used for the given user | (Ldap Configuration) | - |
| (Authentication Mode) | - | isKerberosEnabled | Should Kerberos be used for the given user | Boolean | false |
| (Authentication Mode) | - | isSamlEnabled | Should Saml be used for the given user | Boolean | false |
| (Authentication Mode) | - | isJwtEnabled | Should JWT key be used. It is used to sign and validate the token signature. | Boolean | false |
| - | - | isExternalPortalApprover | Is it external approver? The External Approvals option is a feature that allows external users (without a Heimdall account) to approve or deny sessions requested in the portal. To enable this, several prerequisites must be met: External Approvals Overview | Boolean | - |
| Groups Add | - | groupsToAdd | Groups to add to given user | (List of groups) | - |
| Groups Remove | - | groupsToRemove | Groups to delete from given user | (List of groups) | - |
| Two Factor Authentication | Authentication Mode = Local/Secret OR LDAP | sharedSecret | Google Authenticator compatible two-factor authentication | String | - |
| - | - | file | Name of the file that contains given user configuration | String | - |