Skip to content

octoprint.schema.config.access_control#

AccessControlConfig #

Bases: BaseModel

addRemoteUsers: bool = False class-attribute #

If a remote user is not found, add them. Use this only if all users from the remote system can use OctoPrint.

autologinAs: Optional[str] = None class-attribute #

The name of the user to automatically log on clients originating from localNetworks as. Must be the name of one of your configured users.

autologinLocal: bool = False class-attribute #

If set to true, will automatically log on clients originating from any of the networks defined in localNetworks as the user defined in autologinAs.

checkBasicAuthenticationPassword: bool = True class-attribute #

Whether to also check the password provided through Basic Authentication, if the Basic Authentication header is to be trusted. Disabling this will only match the user name in the Basic Authentication header and login the user without further checks, thus disable with caution.

groupManager: str = 'octoprint.access.groups.FilebasedGroupManager' class-attribute #

The group manager implementation to use for accessing group information. Currently only a filebased user manager is implemented which stores configured groups in a YAML file (Default: groups.yaml in the default configuration folder).

groupfile: Optional[str] = None class-attribute #

The YAML group file to use. If left out defaults to groups.yaml in the default configuration folder.

localNetworks: List[str] = ['127.0.0.0/8', '::1/128'] class-attribute #

A list of networks or IPs for which an automatic logon as the user defined in autologinAs will take place. If available OctoPrint will evaluate the X-Forwarded-For HTTP header for determining the client's IP address. Defaults to anything originating from localhost.

permissionManager: str = 'octoprint.access.permissions.PermissionManager' class-attribute #

The permission manager implementation to use.

remoteUserHeader: str = 'REMOTE_USER' class-attribute #

Header used by the reverse proxy to convey the authenticated user.

salt: Optional[str] = None class-attribute #

Secret salt used for password hashing. DO NOT TOUCH! If changed you will no longer be able to log in with your existing accounts. Default unset, generated on first run.

trustBasicAuthentication: bool = False class-attribute #

Whether to trust Basic Authentication headers. If you have setup Basic Authentication in front of OctoPrint and the user names you use there match OctoPrint accounts, by setting this to true users will be logged into OctoPrint as the user user during Basic Authentication. ONLY ENABLE THIS if your OctoPrint instance is only accessible through a connection locked down through Basic Authentication!

trustRemoteUser: bool = False class-attribute #

Whether to trust remote user headers. If you have setup authentication in front of OctoPrint and the user names you use there match OctoPrint accounts, by setting this to true users will be logged into OctoPrint as the user provided in the header. ONLY ENABLE THIS if your OctoPrint instance is only accessible through a connection locked down through an authenticating reverse proxy!

userManager: str = 'octoprint.access.users.FilebasedUserManager' class-attribute #

The user manager implementation to use for accessing user information. Currently only a filebased user manager is implemented which stores configured accounts in a YAML file (Default: users.yaml in the default configuration folder).

userfile: Optional[str] = None class-attribute #

The YAML user file to use. If left out defaults to users.yaml in the default configuration folder.

Back to top