Self-Hosted dashboard authentication

[mustafamagdy]

Hi everyone,

I have a question regarding the security of the dashboard UI when self-hosting:

• Does Inngest provide built-in authentication mechanisms for the dashboard, or should we implement our own authentication layer? and if yes, how?
• Are there any specific configurations or middleware you suggest to restrict access to authorized users only?

I want to ensure that the dashboard is secure and accessible only to authorized personnel within our organization.

Any guidance or documentation you could provide would be greatly appreciated!

Thanks in advance for your help.

[sathishkannan162]

I would suggest you to add a load balancer like nginx with basic authentication. But this will causes issues with inngest in your workflow calling your inngest server, so add another domain with api authentication.

Then use interceptors to add Authorization headers.

[djfarrelly]

Currently, self-hosted Inngest doesn't provide auth. The best path forward for now is @sathishkannan162's suggestion.

If we did add support for auth, what type of setup would you like to see? We could potentially add Github or Google auth as an option, but it would take some time. We'd also be open to contributions in our inngest repo if you're interested.

[dougecomp]

Portainer create a user with a password we provide on interface on first run. Maybe something similar should be nice!

[puneetv05]

Simple user/pass protection on the dashboard is a basic requirement for self-hosting. At the moment, achieving this with Traefik or nginx basic auth is messy — it adds unnecessary complexity just to protect the dashboard, while still needing to allow routes like /e/ (or other event inbound endpoints) to bypass authentication.

[quangthien27]

agree with this

[reactsaas]

this smells like intioneally left out .

the overhead of protecting the dashboard like though load balancer is like totaly overkill and makes this really unusable unless you have a really big setup already . Had to go with cloud way for now since it just too much of a hassle ... with auth it would be instantly usable for smaller scale ... but as i said...

best option probably the helm exmaple .. but that is expensive to host ... so yea ...

iam not willing to clone and add auth either since that would be annoying to maintain too :D ..

[quangthien27]

Currently, have to put a Cloudflare Zero Trust application in front of self host inngest dashboard domain, exclude /e/ . Seems ok so far. Not sure if it still has any risks though

[chreniuc]

Are there any news on this? Is there a plan to add simple auth? It can be as simple as keeping a json in the backend with user and pass, I do not understand why it doesn't have it..