Skip to main content
Version: 11 - TBD

Authentication

To use Engine you need an account. Get in touch at info@cloudomation.com to request a trial account. When you sign up you create a workspace with one user. You can later add more users to your workspace. All users of your workspace will share the same resources in Engine.

Below are the descriptions on how to authenticate with Engine using different methods.

warning

Engine users are locked out when there are too many failed login attempts. When a user is locked out Engine sends an email to the user with instructions to recover the account.

note

Engine will send emails to users to inform them about security-relevant changes to their account. This includes:

  • account activation
  • change of email address
  • change of password
  • enable/disable 2FA
  • account locked-out
  • account recovery

Via the User Interface

To authenticate via the user interface you need to visit your workspace's login page. Your login page is accessible under https://<your-workspace-name>.cloudomation.com. You need to enter your user name and your password. If you enabled two-factor authentication for your user you also have to enter the current 2FA code.

Once all the required fields are filled in, you can click on "Login". If the authentication is successful your browser receives a cookie. The cookie contains a JWT token which is used to authenticate by subsequent requests. The cookie is valid for 30 days.

note

Engine supports LDAP integration. See more here.

Via the REST API

To authenticate using the REST API you need to POST a JSON string containing your credentials to https://<your-workspace-name>.cloudomation.com/api/latest/auth/login. An example JSON might look like:

{
"user_name": "kevin",
"password": "secret"
"authentication_method": "cloudomation"
}
note

authentication_method can be either "cloudomation" (if the user is defined in Engine) or "ldap:<ldap_config_name>" (if you want to use LDAP integration).

If successful, the API will respond with HTTP 302 and a Set-Cookie header. If unsuccessful, the API returns with HTTP 401: Unauthorized

Learn More

REST API reference
LDAP integration