You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: modules/ROOT/pages/authentication-authorization/manage-users.adoc
+2-2Lines changed: 2 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -649,7 +649,7 @@ If no home database is set, the DBMS default database is used as the home databa
649
649
* One or more `SET AUTH` clauses can be used to set xref:authentication-authorization/auth-providers.adoc[Auth Providers], which define authentication / authorization providers for the user. This might be used to configure external auth providers like LDAP or OIDC, but can also be used as an alternative way to set the native (password-based) auth settings like `SET PASSWORD` and `SET PASSWORD CHANGE REQUIRED`.
650
650
Examples can be found below for `native`, xref:authentication-authorization/sso-integration.adoc#auth-sso-auth-providers[here] for OIDC and xref:authentication-authorization/ldap-integration.adoc#auth-ldap-auth-providers[here] for LDAP.
651
651
* It is mandatory to specify at least either a `SET PASSWORD` or a `SET AUTH` clause because users must have at least one Auth Provider.
652
-
* The `SET PASSWORD CHANGE [NOT] REQUIRED`, `SET STATUS`, `SET AUTH`, and `SET HOME DATABASE` clauses can be applied in any order.
652
+
* The `SET PASSWORD CHANGE [NOT] REQUIRED`, `SET STATUS`, `SET AUTH`, and `SET HOME DATABASE` clauses can be applied in any order, as can their `REMOVE` counterparts where applicable. However, all `REMOVE` clauses must come before the first `SET` clause.
653
653
654
654
[NOTE]
655
655
====
@@ -865,7 +865,7 @@ This results in the DBMS default database being used as the home database for th
865
865
[role=label--new-5.24]
866
866
* `REMOVE AUTH` is used to remove one or many xref:authentication-authorization/auth-providers.adoc[Auth Provider(s)] from a user. It cannot be used in a way that would mean a user has no Auth Providers.
867
867
* `REMOVE ALL AUTH` is used to remove all existing xref:authentication-authorization/auth-providers.adoc[Auth Providers] from a user. It must be used in conjunction with at least one `SET AUTH` clause in order to meet the requirement that a user always has at least one auth provider.
868
-
* The `SET PASSWORD CHANGE [NOT] REQUIRED`, `SET STATUS`, `SET AUTH`, and `SET HOME DATABASE` clauses can be applied in any order.
868
+
* The `SET PASSWORD CHANGE [NOT] REQUIRED`, `SET STATUS`, `SET AUTH`, and `SET HOME DATABASE` clauses can be applied in any order, as can their `REMOVE` counterparts where applicable. However, all `REMOVE` clauses must come before the first `SET` clause.
869
869
870
870
871
871
.Modify the user `bob` with a new password and active status, and remove the requirement to change his password:
0 commit comments