Allow configuring custom Authentication header #9821
Replies: 4 comments 1 reply
-
Any news on this ? It seems to be such a simple thing to implement, as #2815 already implemented most of it. |
Beta Was this translation helpful? Give feedback.
-
@jamescarppe why did this get closed as an issue/request and converted to a discussion? Is Portainer planning to fix this? |
Beta Was this translation helpful? Give feedback.
-
We're moving to using discussions for questions and feature requests going forward and keeping issues for bug reports exclusively. This lets us gauge community feedback easier and facilitates wider discussion on ideas and implementation. The feature request is still open - nothing changes there. |
Beta Was this translation helpful? Give feedback.
-
For real this is a major blocker -- I am sick of CNCF corporate pompousness poisoning every project |
Beta Was this translation helpful? Give feedback.
-
Is your feature request related to a problem? Please describe.
Portainer uses the
Authentication
header for the JWT token. This might be fine for most users, but causes issues for everyone who wants to use Basic Auth. See #2809 and #3893.Describe the solution you'd like
Allow users to configure custom
Authentication
header name in a config / environmental variable. If the custom value is not set, keep using the originalAuthentication
name.See #3893 (comment) for more info
Describe alternatives you've considered
Not using Basic Auth and using an unguessable path (#2809 (comment)), which is not a proper alternative.
Additional context
Implementing this will allow users who wish to set up a second authorization at a different level to increase the security of the exposed web admin interface, and will have no effect on all other users.
Beta Was this translation helpful? Give feedback.
All reactions