Can we use Langfuse without any Authentication enabled? #4119

SudhaGarimella · 2024-11-08T08:32:30Z

SudhaGarimella
Nov 8, 2024

The reason I ask this question is we are facing a small issue in our organization. If we can allow using Langfuse app without any authentication for now.

Since the Langfuse app that we will be deploying will only be available on a specific VPN. So for phase 1 we do not want to enable any authentication.

Is that possible?

I tried this but I don't see environment: - DATABASE_URL=postgresql://postgres:postgres@db:5432/langfuse - NEXTAUTH_SECRET=mysecret **- AUTH_DISABLE_USERNAME_PASSWORD=true** - SALT=mysalt - NEXTAUTH_URL=http:localhost:3000 - TELEMETRY_ENABLED=${TELEMETRY_ENABLED:-true} **- NEXT_PUBLIC_SIGN_UP_DISABLED=true** - LANGFUSE_ENABLE_EXPERIMENTAL_FEATURES=${LANGFUSE_ENABLE_EXPERIMENTAL_FEATURES:-false}

After the container is up - I see what is attached in the image.

My expectation is: When I use localhost:3000 - I should see the langfuse dashboard. Is that possible with configuration?

Answered by dosubot[bot]

Nov 8, 2024

Hey @SudhaGarimella! 👋 I'm here to help you with any bugs, questions, or contributions you have. Let's dive into this together!

There isn't a direct configuration option in Langfuse to completely disable all forms of authentication. However, you can disable email/password authentication by setting AUTH_DISABLE_USERNAME_PASSWORD=true and prevent new user sign-ups by setting NEXT_PUBLIC_SIGN_UP_DISABLED=true. This setup will still require existing users to authenticate, but it restricts new sign-ups ^[1]^[2].

If you need to bypass authentication entirely, you might need to modify the codebase directly, which isn't recommended due to potential security risks and maintenance challenges. Since …

View full answer

@SudhaGarimella · 2024-11-08T08:34:21Z

dosubot[bot]
bot Nov 8, 2024

Hey @SudhaGarimella! 👋 I'm here to help you with any bugs, questions, or contributions you have. Let's dive into this together!

There isn't a direct configuration option in Langfuse to completely disable all forms of authentication. However, you can disable email/password authentication by setting AUTH_DISABLE_USERNAME_PASSWORD=true and prevent new user sign-ups by setting NEXT_PUBLIC_SIGN_UP_DISABLED=true. This setup will still require existing users to authenticate, but it restricts new sign-ups ^[1]^[2].

If you need to bypass authentication entirely, you might need to modify the codebase directly, which isn't recommended due to potential security risks and maintenance challenges. Since your deployment is on a specific VPN, you might consider implementing network-level access controls as an additional layer of security while keeping some form of authentication enabled.

To continue talking to Dosu, mention @dosu.

3 replies

jannikmaierhoefer Nov 8, 2024
Collaborator

Hi @SudhaGarimella, dosu bot is right. We don't have an option out of the box to disable authentification completely.

jannikmaierhoefer Nov 8, 2024
Collaborator

Feel free to open an idea post for this https://langfuse.com/ideas

SudhaGarimella Nov 11, 2024
Author

Thank you.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Langfuse

Can we use Langfuse without any Authentication enabled? #4119

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Replies: 1 comment 3 replies

{{title}}

{{title}}

{{title}}

{{title}}

Select a reply

Langfuse

Can we use Langfuse without any Authentication enabled? #4119

SudhaGarimella Nov 8, 2024

Replies: 1 comment · 3 replies

dosubot[bot] bot Nov 8, 2024

jannikmaierhoefer Nov 8, 2024 Collaborator

jannikmaierhoefer Nov 8, 2024 Collaborator

SudhaGarimella Nov 11, 2024 Author

SudhaGarimella
Nov 8, 2024

Replies: 1 comment 3 replies

dosubot[bot]
bot Nov 8, 2024

jannikmaierhoefer Nov 8, 2024
Collaborator

jannikmaierhoefer Nov 8, 2024
Collaborator

SudhaGarimella Nov 11, 2024
Author