Skip to main content Link Search Menu Expand Document (external link)
Simple Configuration Server

Defining Users

This section only applies if you’re using the default user authentication system (More info here)

The ‘scs-users.yaml’ file contains the list of users of your SCS deployment. Set the ‘auth.options.users_file’ property in your ‘scs-configuration.yaml’ to point to the location of this file.

A simple scs-users.yaml, containg only 1 user, could look like:

- id: example-user
  token: !scs-secret 'scs-tokens.yaml#example-user'
  has_access:
      to_paths:
        - /configs/*
      from_networks:
        - 127.0.0.1/32

All properties are required, as defined in the schema.

You always have to whitelist both the ‘paths’ as well as the ‘from_networks’ for each user. You can use ‘*’ as a wildcard character in the paths. The ‘from_networks’ have to be a subset of the globally allowed IPs that are defined at auth.options.networks.whitelist in scs-configuration.yaml. If you want to re-use parts like ‘from_networks’ for multiple users, use YAML anchors.

If you want to put your scs-users.yaml in a git repository, seperate the secrets as in the example above. Note that the !scs-secret YAML tag refers to the auth.options.directories.secrets rather than directories.secrets (though you can set these to the same value, as described here).