System-Level Authentication
The security settings in 1Gateway are configured in the application properties or environmental variables, this layer secures the entire platform, including the UI and APIs. It controls how users authenticate with 1Gateway.
Authenticate
Purpose: Determines whether authentication is required and what mechanism is used.
To have it active, you need to configure it to any of these two options:
authenticate=oauth
authenticate=basic
Values:
false: No authentication required (insecure).basic: Enables Basic HTTP Authentication.oauth: Enables OAuth2-based authentication.true: (Legacy) Same asbasic.
Default: false
OAuth2 Configuration
If authenticate=oauth is used, the following additional properties must be configured to enable OAuth2 login via the UI:
| Property | Description |
|---|---|
authorization-url | URL used for initiating OAuth authorization flow (used by the UI). |
token-url | URL to obtain the access token. |
logout-url | URL to redirect users on logout. |
client-id | Client ID used to identify the application with the OAuth provider. |
Example of configuration (application.properties)
# SYSTEM-LEVEL SECURITY
authenticate=oauth
authorization-url=https://auth.example.com/oauth2/authorize
token-url=https://auth.example.com/oauth2/token
logout-url=https://auth.example.com/logout
client-id=1gateway-ui