TheHive supports several authentication providers:
- local (credential are securely stored in TheHive database)
- directory (LDAP and Active Directory)
- based on HTTP header to delegate authentication to reverse proxy
Multi-factor authentication can be enabled to enforce security on user authentication.
Several authentication providers can be enable. Each of them is check sequentially (order is important).
OAuth2 / OpenID-Connect#
The user can be provisionned and deprovisionned automatically based on the content of a directory. The user data are synchronised periodically. New users in LDAP are created in TheHive, removed users are disabled.