atoti.SecurityConfig

final class atoti.SecurityConfig

The security config.

Note

This feature is not part of the community edition: it needs to be unlocked.

This configures the parts of the security system that cannot be changed once the session is started.

See also

atoti.Session.security and atoti.tables.Tables.restrictions to continue configuring the security once the session is started.

basic_authentication: BasicAuthenticationConfig

Always enabled even if sso is not None to facilitate the authentication of service/technical users.

See also

BasicAuthenticationSecurity.

client_certificate: ClientCertificateConfig | None = None

https: HttpsConfig | None = None

jwt: JwtConfig

same_site: Literal['lax', 'none', 'strict'] = 'lax'

The value to use for the SameSite attribute of the HTTP cookie sent by the session.

See https://web.dev/samesite-cookies-explained for more information.

Note

"none" requires the session to be served over HTTPS.

sso: KerberosConfig | LdapConfig | OidcConfig | None = None

The config to delegate authentication to a Single Sign-On provider.