We can create users via kubectl exec -i -t deployment/reana-server -- flask reana-admin user-create --email john.doe@example.org --admin-access-token $REANA_ACCESS_TOKEN but this doesn’t create a password for them as far as I can tell. They then can ping the server and use the reana client: First example - Documentation
But how can they login to the web view?
Hi @XaverS
Assuming you have local users on your deployment and you do not use some external identity provider via Single-Sign On, there are several Helm chart values that configure the behaviour.
For example, components.reana_ui.local_usersgoverns whether to allow local user accounts, and components.reana_ui.hide_signup governs whether to hide sign-up form on the web login page. So if you manage users manually, and hide the sign-up form, then users should be able to sing-in form, if there are manually pre-created.
Is this what you are looking for?
P.S. Note also that you may want to set REANA_USER_EMAIL_CONFIRMATION environment variable of the components.reana_server.environment Helm chart value to true (or false) in order to require (or not) users to first confirm their email identities via email notifications.
Hey @tiborsimko ,
I do not understand what you mean by “So if you manage users manually, and hide the sign-up form, then users should be able to sing-in form, if there are manually pre-created”. Currently, we do not hide the signup but we do not send mails if someone tries to sign up. Simply something we have ignored for now.
For the current test phase I have manually created users as described in my original post. That way they get a token they can use via the reana client, but no password to login to the web view. I would like to also generate a password for them that they can use to login the web view.
All this will change once we connect REANA to keycloak in ~ a month.