Granular permissions #809

y0d4a · 2025-11-26T09:04:21Z

y0d4a
Nov 26, 2025

Hi, is there a way to grant access only to NetBox?
I created a user in NetBox, but authentication fails because Malcolm’s user management doesn’t seem to support NetBox-only permissions.

Answered by mmguero

Nov 26, 2025

In Malcolm you don't create users through the individual tools (NetBox, Arkime, etc.), the Malcolm authentication is done at the reverse-proxy level and then passes it through to the tools. Are you using Keycloak (either local Malcolm-managed or external) for your authentication method? That is the only Malcolm authentication method supporting role-based access controls. If you do that, you can do fine-grained permissions (e.g., give a user only ROLE_NETBOX_READ_ACCESS).

View full answer

mmguero · 2025-11-26T22:36:32Z

mmguero
Nov 26, 2025
Maintainer

In Malcolm you don't create users through the individual tools (NetBox, Arkime, etc.), the Malcolm authentication is done at the reverse-proxy level and then passes it through to the tools. Are you using Keycloak (either local Malcolm-managed or external) for your authentication method? That is the only Malcolm authentication method supporting role-based access controls. If you do that, you can do fine-grained permissions (e.g., give a user only ROLE_NETBOX_READ_ACCESS).

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Granular permissions #809

Uh oh!

{{title}}

Uh oh!

Replies: 1 comment

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Granular permissions #809

Uh oh!

y0d4a Nov 26, 2025

Replies: 1 comment

Uh oh!

mmguero Nov 26, 2025 Maintainer

y0d4a
Nov 26, 2025

mmguero
Nov 26, 2025
Maintainer