You can configure Humio to run with or without user authentication. If user authentication is disabled, then everyone with access to the UI or the API can do anything!
Authentication disabled by default
In order to make first-time setup easy for new users, Humio defaults to running without authentication at all. This is not recommended for production environments.
When you run Humio with authentication enabled, each repository has its own set of permissions.
Humio identifies users by their email address or username, and validates identities using an external identity provider, e.g. LDAP, Google OAuth, SAML IdP.
There are three levels of users: ‘normal’, ‘administrator’, and ‘root’:
You can create your initial users with ‘Root’ access through the HTTP API. See how to gain root access using a local access token.
You can manage Users and their rights using the ‘Repository’ web page in Humio. Root users (apart from the initial one) can get added through the ‘Administration’ page when you are logged in as a root user.
Humio supports the following authentication types:
Users are authenticated (logged in) using one of the above integrations. But the authorization and permissions is handled in Humio.