Reverse proxy header authentication

Cloudbeaver supports authorization and authentication with reverse proxy headers. This option authenticates the user in Cloudbeaver via a HTTP header field.

To enable this feature, you need to - enable the Reverse proxy header based authentication method in Authentication settings of the Administration menu - Set up your NGINX configuration to send special header fields to your Cloudbeaver app.

The default values for the HTTP header fields are: - Header User Name: X-User; - Header Team Name: X-Role. - Header User Firsts Name: X-First-name - Header User Last Name: X-Last-name

The default teams for users in Cloudbeaver are "user" and "admin". The delimeter for teams is "|".

For example, if you are a user with the username "newuser", and your teams are "user" and "admin", and you want to open an app with enabled reverse proxy header auth, you need to set these HTTP headers when you send a request to your CB app:

X-User: newuser
X-Role: user|admin
X-First-name: First_name
X-Last-name: Last_name