By default the authentication section of default engine, is of type NONE (i.e. disabled), and it also contains commented options for the other authentication methods
Tip | ||
---|---|---|
| ||
If you don't require authentication please delete the comments |
Code Block | ||||
---|---|---|---|---|
| ||||
'engines': [ { 'name': DEFAULT_ENGINE_NAME, # Name of the connection . . . 'auth': { 'type': Authentications.NONE, # With Authentications.BASIC # #### For Basic Auth #### # 'username': '', # 'password': '' # With Authentications.AWS # #### For AWS Auth #### # 'aws_region': '', # 'aws_service': '', # 'aws_access_key': '', # 'aws_secret_key': '' # With Authentications.AWS # #### For AWS Auth With Credentials Provider (AWS)#### # 'credentials_provider': True, # 'aws_region': '', # 'aws_service': '' } } ], |
Basic authentication is a straightforward method used for user authentication in web applications and APIs. It involves the client sending the username and password credentials in the request header to access a protected resource on the server. The server then verifies the credentials and grants access if they match the stored ones.
Code Block | ||||
---|---|---|---|---|
| ||||
'engines': [ { 'name': DEFAULT_ENGINE_NAME, # Name of the connection . . . 'auth': { 'type': Authentications.BASIC, 'username': 'your_username', 'password': 'your_password' } } ], |
If for some reason you need basic authentication but not in all the URLs or every URL has a different authentication credentials, there is an alternative, you can just put the credentials in the URL of each node like this
Code Block | ||||
---|---|---|---|---|
| ||||
https://USENAME:PASSWORD@localhost:9200 |
Tip |
---|
This method does not require to setup the authentication, since the basic is implicit by adding the credentials in the URL |
Anchor | ||||
---|---|---|---|---|
|
An API Key token that is passed as a header into all requests.
Code Block | ||||
---|---|---|---|---|
| ||||
'engines': [ { 'name': DEFAULT_ENGINE_NAME, # Name of the connection . . . 'auth': { 'type': Authentications.API_KEY, 'api_key': 'API KEY VALUE' } } ], |
An AWS credential provider is a component or mechanism that supplies the necessary credentials to authenticate and authorize access to AWS services. It is responsible for retrieving the required security credentials, such as access keys or temporary session tokens, which are then used to interact with AWS APIs, SDKs, and command-line tools.
Code Block | ||||
---|---|---|---|---|
| ||||
'engines': [ { 'name': DEFAULT_ENGINE_NAME, # Name of the connection . . . 'auth': { 'type': Authentications.AWS, 'credentials_provider': True, 'aws_region': 'YOUR_REGION', 'aws_service': 'YOUR_SERVICE' } } ], |
This is the most basic form of authentication. It involves using an access key ID and a secret access key, which are long-term credentials. These credentials are generated in the AWS Identity and Access Management (IAM) service and provide programmatic access to AWS services. They are typically used for programmatic interactions with AWS through SDKs, CLI tools, and APIs.
Code Block | ||||
---|---|---|---|---|
| ||||
'engines': [ { 'name': DEFAULT_ENGINE_NAME, # Name of the connection . . . 'auth': { 'type': Authentications.AWS, 'aws_region': 'YOUR_REGION', 'aws_service': 'YOUR_SERVICE', 'aws_access_key': 'YOUR_ACCESS_KEY', 'aws_secret_key': 'YOUR_SECRET_KEY' } } ], |
The API Key authentication method can be used for Azure.
See API Key
Used when Gaia runs inside an Azure environment and needs to connect to other Azure services such as Azure AI Search, the authentication logic takes the credentials from the environment automatically, thus no additional configuration is needed aside form the type.
Code Block | ||||
---|---|---|---|---|
| ||||
'engines': [ { 'name': DEFAULT_ENGINE_NAME, # Name of the connection . . . 'auth': { 'type': Authentications.AZURE_MID 'azure_scope': '<the destination service scope url>' } } ], |