User management and authentication
Infrahub now supports standard user management and authentication systems.
A user account can have 3 levels of permissions
adminread-writeread-only
By default, Infrahub will allow anonymous access in read-only. It's possible to disable this via the configuration main.allow_anonymous_access or via the environment variable INFRAHUB_ALLOW_ANONYMOUS_ACCESS.
Authentication mechanisms
Infrahub supports two authentication methods
- JWT token: Short life tokens generated on demand from the API.
- API Token: Long life tokens generated ahead of time.
| JWT | TOKEN | |
|---|---|---|
| API / GraphQL | Yes | Yes |
| Frontend | Yes | No |
| Python SDK | Soon | Yes |
| infrahubctl | Soon | Yes |
| GraphQL Playground | No | Yes |
More information on managing API token can be found in the managing API tokens guide.
info
While using the API, the authentication token must be provided in the header:
X-INFRAHUB-KEY: 06438eb2-8019-4776-878c-0941b1f1d1ec