User Management

Lenses focuses on data and application centric security via permissions on groups of users.

LDAP, Active Directory and Single-Sign-On provide user authentication and group management, while Kerberos provides only user authentication, but no group management.

Authentication Users Groups Permissions
LDAP
SSO
Kerberos
Basic

Authentication

Learn more about different authentication providers:

When working with LDAP or Active Directory, user and group management is done in LDAP.

Lenses provides fine-grained role based access (RBAC) for your existing groups of users over data and applications. Create a group in Lenses with the same name (case-sensitive) as in LDAP/AD:

And set permissions. For setup and complex LDAP cases see here.

When using an SSO solution such as Azure AD, Okta, OneLogin or an open source like KeyCloak user and group management is done in the Identity Provider.

Lenses provides fine-grained role based access (RBAC) for your existing groups of users over data and applications. Create a group in Lenses with the same name (case-sensitive) as in yous SSO group.

And set permissions. To setup SSO read here.

When using Kerberos, the authentication of users is happening via SPNEGO.

1. First create a group of users

2. Then add users to groups

And set permissions. To setup Kerberos read here.

With Basic Authentication, create groups of users and add users to those groups. Authentication and authorization is fully managed and users can change their passwords.

Learn more about permissions and create groups and add users.