Skip to content

octoprint.schema.config.access_control#

AccessControlConfig #

Bases: BaseModel

addRemoteUsers: bool = False class-attribute instance-attribute #

If a remote user is not found, add them. Use this only if all users from the remote system can use OctoPrint.

autologinAs: Optional[str] = None class-attribute instance-attribute #

The name of the user to automatically log on clients originating from localNetworks as. Must be the name of one of your configured users.

autologinLocal: bool = False class-attribute instance-attribute #

If set to true, will automatically log on clients originating from any of the networks defined in localNetworks as the user defined in autologinAs.

checkBasicAuthenticationPassword: bool = True class-attribute instance-attribute #

Whether to also check the password provided through Basic Authentication, if the Basic Authentication header is to be trusted. Disabling this will only match the user name in the Basic Authentication header and login the user without further checks, thus disable with caution.

groupManager: str = 'octoprint.access.groups.FilebasedGroupManager' class-attribute instance-attribute #

The group manager implementation to use for accessing group information. Currently only a filebased user manager is implemented which stores configured groups in a YAML file (Default: groups.yaml in the default configuration folder).

groupfile: Optional[str] = None class-attribute instance-attribute #

The YAML group file to use. If left out defaults to groups.yaml in the default configuration folder.

localNetworks: List[str] = ['127.0.0.0/8', '::1/128'] class-attribute instance-attribute #

A list of networks or IPs for which an automatic logon as the user defined in autologinAs will take place. If available OctoPrint will evaluate the X-Forwarded-For HTTP header for determining the client's IP address. Defaults to anything originating from localhost.

permissionManager: str = 'octoprint.access.permissions.PermissionManager' class-attribute instance-attribute #

The permission manager implementation to use.

remoteUserHeader: str = 'REMOTE_USER' class-attribute instance-attribute #

Header used by the reverse proxy to convey the authenticated user.

salt: Optional[str] = None class-attribute instance-attribute #

Secret salt used for password hashing. DO NOT TOUCH! If changed you will no longer be able to log in with your existing accounts. Default unset, generated on first run.

trustBasicAuthentication: bool = False class-attribute instance-attribute #

Whether to trust Basic Authentication headers. If you have setup Basic Authentication in front of OctoPrint and the user names you use there match OctoPrint accounts, by setting this to true users will be logged into OctoPrint as the user user during Basic Authentication. ONLY ENABLE THIS if your OctoPrint instance is only accessible through a connection locked down through Basic Authentication!

trustRemoteUser: bool = False class-attribute instance-attribute #

Whether to trust remote user headers. If you have setup authentication in front of OctoPrint and the user names you use there match OctoPrint accounts, by setting this to true users will be logged into OctoPrint as the user provided in the header. ONLY ENABLE THIS if your OctoPrint instance is only accessible through a connection locked down through an authenticating reverse proxy!

userManager: str = 'octoprint.access.users.FilebasedUserManager' class-attribute instance-attribute #

The user manager implementation to use for accessing user information. Currently only a filebased user manager is implemented which stores configured accounts in a YAML file (Default: users.yaml in the default configuration folder).

userfile: Optional[str] = None class-attribute instance-attribute #

The YAML user file to use. If left out defaults to users.yaml in the default configuration folder.