Reverse proxy header authentication
Cloudbeaver supports authorization and authentication with reverse proxy headers. This option authenticates the user in Cloudbeaver via a HTTP header field.
To enable this feature, you need to
- enable Reverse proxy header based authentication method in Authentication settings of Administration menu
- Set up your NGINX configuration to send special header fields to your Cloudbeaver app.
The default values for the HTTP header fields are:
- Header User Name:
X-User; - Header Role Name:
X-Role.
Default roles for user in Cloudbeaver are "user" and "admin". Delimeter for roles is "|".
For example, if you are a user with username "newuser" and your roles are "user" and "admin" and you want to open an app with enabled reverse proxy header auth, you need to set these HTTP headers when you send a request to your CB app:
X-User: newuser
X-Role: user|admin
- Getting started
- Create connection
- Connection network options
- Supported databases
-
Drivers management
- Database authentication methods
- Database navigator
- Properties editor
- Data editor
- SQL editor
-
Entity relation diagrams
- Cloud services
-
AI Smart assistance
- Data transfer
- General user guide
- Administration
- Server configuration
-
Server security and access configuration
- Authentication methods
- Access management
- Proxy configuration
-
Secret management
- Logs
-
Query manager
- Workspace location
- Command line parameters
-
Session manager
- Deployment options
- CloudBeaver Editions
- FAQ
- Development