Authentication methods
CloudBeaver provides various authentication methods, configurable by administrators. These settings can be accessed and modified via Settings -> Administration -> Server Configuration, either during initial setup or at any later time.
The Community Edition (CE) of CloudBeaver supports various types of authentication. Detailed information about each type is available in the sections below.
This method allows users to interact with CloudBeaver without needing to authenticate. Further details can be found in the Anonymous access configuration article.
Local access requires users to authenticate using a username and password. Administrators create user accounts and assign roles to define user permissions. For more detailed information, see the Local access authentication article.
This authentication method is based on HTTP request headers. For more detailed information, see
the Reverse Proxy Header Authentication article.
In addition to the authentication methods supported by the Community Edition (CE), CloudBeaver Enterprise Edition (EE) offers a broader range of authentication options. For more detailed information on each method, please refer to the subsequent sections.
AWS IAM authentication allows logging in with IAM credentials, automatically assigning a 'User' role in CloudBeaver. For more details, see the AWS IAM article.
SSO (Single Sign-On) authentication can be used for access to CloudBeaver EE. Once an SSO user is authorized to CloudBeaver instance, the appropriate user is created in the application with the User role by default (you can find more information about SSO authentication at Single Sign On article).
OpenID Connect (OIDC) authentication enables users to log in using credentials from an OpenID Connect identity provider, simplifying the login process across different services. For further details, please consult the OpenID authentication article.
AWS OpenID Connect (OIDC) authentication integrates with AWS Identity and Access Management (IAM) to enable signing in using an OpenID Connect identity provider. This approach allows for the secure delegation of permissions to AWS resources based on the identity established by the provider. For more information, please refer to the AWS OpenID authentication article.
Okta OpenID Connect (OIDC) authentication allows applications to authenticate users via Okta's OIDC provider. This process enables secure and streamlined user access to applications and services without requiring them to manage multiple passwords. For more information, refer to the Okta OpenID Authentication article.
CloudBeaver Enterprise Edition for AWS supports AWS IAM and SAML authentication methods, but local and anonymous authentication are not available in it.
- Getting started
- Create connection
- Connection network options
- Supported databases
-
Drivers management
- Database authentication methods
- Database navigator
- Properties editor
- Data editor
- SQL editor
-
Entity relation diagrams
- Cloud services
-
AI Smart assistance
- Data transfer
- General user guide
- Administration
- Server configuration
-
Server security and access configuration
- Authentication methods
- Access management
- Proxy configuration
-
Secret management
- Logs
-
Query manager
- Workspace location
- Command line parameters
-
Session manager
- Deployment options
- CloudBeaver Editions
- FAQ
- Development