Default (No Authentication)
By default the authentication section of default engine, is of type NONE (i.e. disabled), and it also contains commented options for the other authentication methods
Delete what you don't need
If you don't require authentication please delete the comments
'engines': [
{
'name': DEFAULT_ENGINE_NAME, # Name of the connection
.
.
.
'auth': {
'type': Authentications.NONE,
# With Authentications.BASIC
# #### For Basic Auth ####
# 'username': '',
# 'password': ''
# With Authentications.AWS
# #### For AWS Auth ####
# 'aws_region': '',
# 'aws_service': '',
# 'aws_access_key': '',
# 'aws_secret_key': ''
# With Authentications.AWS
# #### For AWS Auth With Credentials Provider (AWS)####
# 'credentials_provider': True,
# 'aws_region': '',
# 'aws_service': ''
}
}
],
Basic
Basic authentication is a straightforward method used for user authentication in web applications and APIs. It involves the client sending the username and password credentials in the request header to access a protected resource on the server. The server then verifies the credentials and grants access if they match the stored ones.
'engines': [
{
'name': DEFAULT_ENGINE_NAME, # Name of the connection
.
.
.
'auth': {
'type': Authentications.BASIC,
'username': 'your_username',
'password': 'your_password'
}
}
],
In-URL Basic Authentication
If for some reason you need basic authentication but not in all the URLs or every URL has a different authentication credentials, there is an alternative, you can just put the credentials in the URL of each node like this
https://USENAME:PASSWORD@localhost:9200
This method does not require to setup the authentication, since the basic is implicit by adding the credentials in the URL
API Key
An API Key token that is passed as a header into all requests.
'engines': [
{
'name': DEFAULT_ENGINE_NAME, # Name of the connection
.
.
.
'auth': {
'type': Authentications.API_KEY,
'api_key': 'API KEY VALUE'
}
}
],
AWS
With Credentials Provider
An AWS credential provider is a component or mechanism that supplies the necessary credentials to authenticate and authorize access to AWS services. It is responsible for retrieving the required security credentials, such as access keys or temporary session tokens, which are then used to interact with AWS APIs, SDKs, and command-line tools.
'engines': [
{
'name': DEFAULT_ENGINE_NAME, # Name of the connection
.
.
.
'auth': {
'type': Authentications.AWS,
'credentials_provider': True,
'aws_region': 'YOUR_REGION',
'aws_service': 'YOUR_SERVICE'
}
}
],
With Access and Secret Key
This is the most basic form of authentication. It involves using an access key ID and a secret access key, which are long-term credentials. These credentials are generated in the AWS Identity and Access Management (IAM) service and provide programmatic access to AWS services. They are typically used for programmatic interactions with AWS through SDKs, CLI tools, and APIs.
'engines': [
{
'name': DEFAULT_ENGINE_NAME, # Name of the connection
.
.
.
'auth': {
'type': Authentications.AWS,
'aws_region': 'YOUR_REGION',
'aws_service': 'YOUR_SERVICE',
'aws_access_key': 'YOUR_ACCESS_KEY',
'aws_secret_key': 'YOUR_SECRET_KEY'
}
}
],
Azure
API Key
The API Key authentication method can be used for Azure.
See API Key
Managed Identity
Used when Gaia runs inside an Azure environment and needs to connect to other Azure services such as Azure AI Search, the authentication logic takes the credentials from the environment automatically, thus no additional configuration is needed aside form the type.
'engines': [
{
'name': DEFAULT_ENGINE_NAME, # Name of the connection
.
.
.
'auth': {
'type': Authentications.AZURE_MID
'azure_scope': '<the destination service scope url>'
}
}
],
Overview
Content Tools