Differential D20111 Diff 48127 src/docs/user/configuration/configuring_accounts_and_registration.diviner
Changeset View
Changeset View
Standalone View
Standalone View
src/docs/user/configuration/configuring_accounts_and_registration.diviner
@title Configuring Accounts and Registration | @title Configuring Accounts and Registration | ||||
@group config | @group config | ||||
Describes how to configure user access to Phabricator. | Describes how to configure user access to Phabricator. | ||||
= Overview = | Overview | ||||
======== | |||||
Phabricator supports a number of login systems. You can enable or disable these | Phabricator supports a number of login systems. You can enable or disable these | ||||
systems to configure who can register for and access your install, and how users | systems to configure who can register for and access your install, and how users | ||||
with existing accounts can login. | with existing accounts can login. | ||||
Methods of logging in are called **Authentication Providers**. For example, | Methods of logging in are called **Authentication Providers**. For example, | ||||
there is a "Username/Password" authentication provider available, which allows | there is a "Username/Password" authentication provider available, which allows | ||||
users to log in with a traditional username and password. Other providers | users to log in with a traditional username and password. Other providers | ||||
support logging in with other credentials. For example: | support logging in with other credentials. For example: | ||||
- **LDAP:** Users use LDAP credentials to log in or register. | - **LDAP:** Users use LDAP credentials to log in or register. | ||||
- **OAuth:** Users use accounts on a supported OAuth2 provider (like | - **OAuth:** Users use accounts on a supported OAuth2 provider (like | ||||
GitHub, Facebook, or Google) to log in or register. | GitHub, Facebook, or Google) to log in or register. | ||||
- **Other Providers:** More providers are available, and Phabricator | - **Other Providers:** More providers are available, and Phabricator | ||||
can be extended with custom providers. See the "Auth" application for | can be extended with custom providers. See the "Auth" application for | ||||
a list of available providers. | a list of available providers. | ||||
By default, no providers are enabled. You must use the "Auth" application to | By default, no providers are enabled. You must use the "Auth" application to | ||||
add one or more providers after you complete the installation process. | add one or more providers after you complete the installation process. | ||||
After you add a provider, you can link it to existing accounts (for example, | After you add a provider, you can link it to existing accounts (for example, | ||||
associate an existing Phabricator account with a GitHub OAuth account) or users | associate an existing Phabricator account with a GitHub OAuth account) or users | ||||
can use it to register new accounts (assuming you enable these options). | can use it to register new accounts (assuming you enable these options). | ||||
= Recovering Inaccessible Accounts = | |||||
Recovering Inaccessible Accounts | |||||
================================ | |||||
If you accidentally lock yourself out of Phabricator (for example, by disabling | If you accidentally lock yourself out of Phabricator (for example, by disabling | ||||
all authentication providers), you can use the `bin/auth` | all authentication providers), you can normally use the "send a login link" | ||||
script to recover access to an account. To recover access, run: | action from the login screen to email yourself a login link and regain access | ||||
to your account. | |||||
If that isn't working (perhaps because you haven't configured email yet), you | |||||
can use the `bin/auth` script to recover access to an account. To recover | |||||
access, run: | |||||
``` | |||||
phabricator/ $ ./bin/auth recover <username> | phabricator/ $ ./bin/auth recover <username> | ||||
``` | |||||
...where `<username>` is the account username you want to recover access | ...where `<username>` is the account username you want to recover access | ||||
to. This will generate a link which will log you in as the specified user. | to. This will generate a link which will log you in as the specified user. | ||||
= Managing Accounts with the Web Console = | |||||
Managing Accounts with the Web Console | |||||
====================================== | |||||
To manage accounts from the web, login as an administrator account and go to | To manage accounts from the web, login as an administrator account and go to | ||||
`/people/` or click "People" on the homepage. Provided you're an admin, | `/people/` or click "People" on the homepage. Provided you're an admin, | ||||
you'll see options to create or edit accounts. | you'll see options to create or edit accounts. | ||||
= Manually Creating New Accounts = | |||||
Manually Creating New Accounts | |||||
============================== | |||||
There are two ways to manually create new accounts: via the web UI using | There are two ways to manually create new accounts: via the web UI using | ||||
the "People" application (this is easiest), or via the CLI using the | the "People" application (this is easiest), or via the CLI using the | ||||
`accountadmin` binary (this has a few more options). | `accountadmin` binary (this has a few more options). | ||||
To use the CLI script, run: | To use the CLI script, run: | ||||
phabricator/ $ ./bin/accountadmin | phabricator/ $ ./bin/accountadmin | ||||
Some options (like changing certain account flags) are only available from | Some options (like changing certain account flags) are only available from | ||||
the CLI. You can also use this script to make a user | the CLI. You can also use this script to make a user | ||||
an administrator (if you accidentally remove your admin flag) or to create an | an administrator (if you accidentally remove your admin flag) or to create an | ||||
administrative account. | administrative account. | ||||
= Next Steps = | |||||
Next Steps | |||||
========== | |||||
Continue by: | Continue by: | ||||
- returning to the @{article:Configuration Guide}. | - returning to the @{article:Configuration Guide}. |