Fabric Credentials Overview
Fabric includes an authentication mechanism that enables managing user access control and restrictions, such as:
- Creating / dropping users, roles and API Keys.
- Assigning users to roles.
- Granting access on different levels, for example:
- Access to LUIs can be defined on a user level.
- Access to the methods that access LUIs can be defined on a role level.
User access control management can be performed using either:
Web Admin UI
K2Auth Tables
Fabric database credentials are saved in Cassandra under the k2auth keyspace in the following four tables:
Fabric database credentials are validated each time a user attempts to access Fabric via the console, Web Services or other interfaces. Permissions can be set on an LU level or an LUI level.
Note that to avoid authentication of a user on an LUI level, set DISABLE_LUI_AUTH in the config.ini file to true. By default, this parameter is false.
Setting Credentials
Create the users and define their credentials, as follows:
Create a new user and a new role.
Exit Fabric and log in with this user or use the token to invoke a [Web Service]().
Admin User
By default, Fabric creates the admin user as the initial superuser when starting for the first time and defines their user and password as "admin". Fabric can also be started for the first time with another initial superuser that is not defined as admin/admin.
- Copy the adminInitialCredentials.template file from the $K2_HOME/fabric/config.template directory to the $K2_HOME/config directory.
- Change the File Name to adminInitialCredentials.
- Edit the file and update the User/Password to the required values. Note that the username must only contain lowercase letters.
- When Fabric starts for the first time the new user is created and the adminInitialCredentials file is deleted.
Fabric Credentials Overview
Fabric includes an authentication mechanism that enables managing user access control and restrictions, such as:
- Creating / dropping users, roles and API Keys.
- Assigning users to roles.
- Granting access on different levels, for example:
- Access to LUIs can be defined on a user level.
- Access to the methods that access LUIs can be defined on a role level.
User access control management can be performed using either:
Web Admin UI
K2Auth Tables
Fabric database credentials are saved in Cassandra under the k2auth keyspace in the following four tables:
Fabric database credentials are validated each time a user attempts to access Fabric via the console, Web Services or other interfaces. Permissions can be set on an LU level or an LUI level.
Note that to avoid authentication of a user on an LUI level, set DISABLE_LUI_AUTH in the config.ini file to true. By default, this parameter is false.
Setting Credentials
Create the users and define their credentials, as follows:
Create a new user and a new role.
Exit Fabric and log in with this user or use the token to invoke a [Web Service]().
Admin User
By default, Fabric creates the admin user as the initial superuser when starting for the first time and defines their user and password as "admin". Fabric can also be started for the first time with another initial superuser that is not defined as admin/admin.
- Copy the adminInitialCredentials.template file from the $K2_HOME/fabric/config.template directory to the $K2_HOME/config directory.
- Change the File Name to adminInitialCredentials.
- Edit the file and update the User/Password to the required values. Note that the username must only contain lowercase letters.
- When Fabric starts for the first time the new user is created and the adminInitialCredentials file is deleted.
