Basic Auth is the easiest way to get started with Onyx. However, we recommend using Google OAuth, OIDC, or SAML for production deployments.
If you have questions about which authentication approach is best for your organization, don’t hesitate to contact us - we’re happy to help you choose the right solution.

Basic Setup

Using Docker: In your .env file, set: 
AUTH_TYPE=basic
Using Helm: In your values.yaml file, set: 
configMap: 
  AUTH_TYPE: basic
If you don’t need email verification, you’re done! Restart Onyx to apply the changes and the next time you visit the site, you’ll be prompted to create an account and set a password.

Basic Auth with Email Verification

Enabling email verification blocks your users from signing in until they click their verification email. Using Docker: Set the following in your .env file: 
AUTH_TYPE=basic

# Enable email verification
REQUIRE_EMAIL_VERIFICATION=true

# Email configuration
SMTP_USER=<EMAIL_TO_SEND_VERIFICATION_EMAILS_FROM>  # e.g. noreply@yourcompany.com
SMTP_PASS=<PASSWORD_FOR_THE_EMAIL_ABOVE>

# Required for non-Gmail accounts
SMTP_SERVER=<YOUR_SMTP_SERVER>
SMTP_PORT=<PORT_YOUR_SMTP_SERVER_LISTENS_ON>  # default: 587
Using Helm: Set the following in your values.yaml file: 
auth:
  secrets:
      smpt_pass: <PASSWORD_FOR_THE_SMTP_USER>
configMap: 
  AUTH_TYPE: basic
  
  REQUIRE_EMAIL_VERIFICATION: true
  SMTP_USER: <EMAIL_TO_SEND_VERIFICATION_EMAILS_FROM>

  # Required for non-Gmail accounts
  SMTP_SERVER: <YOUR_SMTP_SERVER>
  SMTP_PORT: <PORT_YOUR_SMTP_SERVER_LISTENS_ON>

Next Steps

Set up Google OAuth

Google OAuth is a secure and easy way to authenticate users with their Google accounts.

Other Onyx Configuration Options

There are many other configuration options available for Onyx.