Authentication

Requirements

  • Linux Control Center: version 2.12.X or higher

  • Pre-configured Single Sign-On (SSO) provider


Overview

The Linux Control Center (LCC) allows your users to centrally configure their authentication service through the "Config Authentication" menu.

Through this service, you can:

  • Control the creation of users through external authentication providers integrated with the LCC

  • Define TOTP settings

  • Manage active providers

  • Create authentication rules for groups and users

  • Perform other security configurations


Authentication Panel

  1. Access the Authentication panel through the Config option in the side menu.

  2. Click on the Authentication option.


Initial Configuration

Configure the initial parameters according to your needs:

![](/pt-br/images/authentication/inicial.png)
  • Default Provider ID: Default provider identifier, used if the user does not select a different one at the time of authentication

  • TOTP Time Tolerance: Tolerance time to validate the TOTP code after starting the login

  • TOTP Time Tmp Token Login Validation: Tolerance time for using a rotated TOTP token

  • Local Login All Users: Applies the rules in this panel to all local LCC users

  • Providers Auto Create User: Allows LCC to create the authenticated user via provider locally, if it does not already exist

  • TOTP Force All Users: Forces all users to use TOTP to login, regardless of the provider selected


Selecting Users and Groups

  1. Click Next to select the users that will have rules applied during login.

  2. In the groups tab, select the groups that will also have the rules applied.


Selecting Providers

In the Providers tab, define which providers will be available for login.

![](/pt-br/images/authentication/providers.png)

TOTP by User and Group

  1. Individually select the users that will be logged in via TOTP.

  2. Click Next to define the groups that should also use TOTP at login.

  3. Click Save to save the settings and apply them to the LCC Console.


💡 Hint: When defining users individually and disabling the TOTP Force All Users flag, other users will still be able to manually activate TOTP in their Profile panel to use it at login.

Last updated