On this page |
New
This feature was introduced in License Server 21.0.
User authentication is required for some features of the license server but can be optionally required for all users to access the license server. Requiring all users to authenticate adds an extra layer of control, flexibility and security to your license server. A user can be authenticated by email/password, LDAP credentials, and API keys.
Plain text passwords are hashed as soon as the license server receives the api call and no plain text passwords are stored on the system or kept in memory for longer than required.
Warning
HTTPS communication is required for User Authentication.
Super Users ¶
A super user is defined as an authenticated account that has all privileges and permissions. The license server will always have at minimum one super user as created by the superuser
and superuserPassword
settings in the sesinetd.ini options file.
Create a new Super User ¶
Since the license server does not store or use plain text passwords the user must create a hashed password to be set in sesinetd.ini options files.
-
Run
sesictrl hash-password mypassword
. Make sure to replacemypassword
for your own password. -
Copy the output from sesictrl and place in in the sesinetd.ini file as
superuserPassword=pbkdf2_sha256...
. If the hashed password is not copied as returned the license server will not be able to authenticate the user using the password provided.
Warning
An organization should limit these users to as few as possible as they have access to everything on the license server.
Subtopics ¶
Authentication Methods ¶
-
This section describes email/password authentication and how to set up email/password authentication in the license server.