How do I secure FeatureBase Community?

FeatureBase supports authentication and authorization with OAuth2.0 via a configurable identity provider (IdP).

Azure Active Directory is supported via SAML 2.0

Table of contents

• How does the authentication process work?
• Before you begin
• Step 1 - Generate keys and tokens
• Step 2 - Set up Identity Provider (IdP)
• Step 3 - Set up FeatureBase permissions
• Step 4 - Set up TLS authentication

How does the authentication process work?

Once setup, FeatureBase Community authentication works as follows:

1. A user logs into FeatureBase and is then directed to the configured IdP login page.
2. When the user logs in successfully, The IdP sends a JWT token to FeatureBase to retrieve the IdP groups the user belongs to from the configured endpoint.
3. Upon retrieving the authenticated user groups, FeatureBase passes the JWT to the user account as the molecula-chip cookie which is used to authorize the user in subsequent requests.

Before you begin

• Install FeatureBase Community

Step 1 - Generate keys and tokens

• Generate a FeatureBase SSH key
• Generate FeatureBase login auth and refresh tokens

Step 2 - Set up Identity Provider (IdP)

• Set up Azure AD for Single-Sign-On with FeatureBase

Step 3 - Set up FeatureBase permissions

• Set up FeatureBase group permissions

Step 4 - Set up TLS authentication

• Set up TLS authentication
• Set up Mutual TLS

---