Introduction

The platform supports user authentication and login verification for all users.

User Sources

Local Users

Administrator account created during platform deployment
Accounts created through the platform interface
Users added through local dex configuration file

Third-Party Users

LDAP Users

Enterprise users synchronized from LDAP servers
Accounts are imported through IDP (Identity Provider) integration
Source is displayed as the IDP configuration name
Integration is configured through IDP settings

OIDC Users

Third-party platform users authenticated via OIDC protocol
Source is displayed as the IDP configuration name
Integration is configured through IDP settings

WARNING

For OIDC users added to a project before their first login:

Source is displayed as "-" until successful platform login
After successful login, source changes to the IDP configuration name

Other Third-Party Users

Users authenticated through supported dex connectors (e.g., GitHub, Microsoft)
For more information, refer to the dex official documentation

User Management Rules

WARNING

Please note the following important rules:

Local usernames must be unique across all user types
Third-party users (OIDC/LDAP) with matching usernames are automatically associated
Associated users inherit permissions from existing accounts
Users can log in through their respective sources
Only one user record is displayed per username in the platform
User source is determined by the most recent login method

User Lifecycle

The following table describes different user statuses on the platform:

Status	Description
Normal	User account is active and can log in to the platform
Disabled	User account is inactive and cannot log in. Contact platform administrator for activation. Possible reasons: - No login for 90+ consecutive days - Account expiration - Manual disable by administrator
Locked	Account is temporarily locked due to 5 failed login attempts within 24 hours. Details: - Lock duration: 20 minutes - Can be manually unlocked by administrator - Account becomes available after lock period
Invalid	LDAP-synchronized account that has been deleted from the LDAP server. Note: Invalid accounts cannot log in to the platform

ON THIS PAGE

How to

Architecture

Concepts

Guides

How To

Trouble Shooting

Concepts

Guides

How To

Troubleshooting

Install

Concepts

Guides

How To

Disaster Recovery

Concepts

Guides

How To

Guides

Compliance

Install

API Refiner

User

Guides

Group

Guides

Role

Guides

IDP

Guides

Troubleshooting

User Policy

Guides

Overview

Images

Guides

How To

Virtual Machine

Guides

How To

Troubleshooting

Network

Guides

How To

Storage

Guides

Backup and Recovery

Guides

Concepts

Guides

Pre-Application Creation Preparation

Creating Applications

Creating Workloads

Actions You Can Take After Creating an Application

Configuring Network

Using Services

Using Ingresses

Using Gateways and Route Rules

Using LoadBalancers

Operation and Maintenance

Catalog

Pod and Container

Pod

Container

How To

Concepts

Guides

How To

Install

Guides

How To

Concepts

Guides

Argo CD Concept

Alauda Container Platform GitOps Concepts

Creating GitOps Application

GitOps Observability

Architecture

Guides

How To