Configuring Authentication

Driverless AI supports Client Certificate, LDAP, Local, mTLS, OpenID, PAM, none, and unvalidated (default) authentication. These can be configured by specifying the environment variables when starting the Driverless AI Docker image or by specifying the appropriate configuration options in the config.toml file.

Notes:

  • You can enable multiple authentication methods with the additional_authentication_methods config.toml setting. These are enabled alongside the default method specified with the authentication_method config.toml setting. Login forms for each additional method are available on the /login/<authentication_method> path.

  • If multiple authentication methods are enabled, each method must be set up so that it results in the same username to provide access to the same resources.

  • Driverless AI is also integrated with IBM Spectrum Conductor and supports authentication from Conductor. Contact sales@h2o.ai for more information about using IBM Spectrum Conductor authentication.

  • Driverless AI does not support LDAP client auth. If you have LDAP client auth enabled, then the Driverless AI LDAP connector will not work.