Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Authentication

ArchiveTube supports three authentication modes: oidc, password, and none.

Password

To use password authentication, set the mode to password in your config and add or update the password_hash value with a bcrypt password. Storing the password in bcrypt ensures that if anyone gets read access to the database, they cannot easily decrypt the password.

You can generate a bcrypt password online with bcrypt-generator.com or in a terminal using htpasswd.

htpasswd -bnBC 12 "" password | tr -d ":"

Replace password with your password. If you want extra security, increase the bcrypt cost (here 12) to something like 14 or even 16, but this will lead to slower login times (depending on your hardware).

OpenID Connect

If you want to use OIDC for authentication, add these values to your config and set the auth mode to oidc:

oidc_issuer = "https://auth.example.com"
oidc_client_id = ""
oidc_client_secret = ""
oidc_redirect_url = "https://yt.example.com/auth/callback"

Warning

ArchiveTube does not currently support PKCE (Proof Key for Code Exchange). This feature is in the roadmap.

None

This auth mode is not recommended, but it can be used if you’re running ArchiveTube locally or developing it.