Skip to main content

UI features

The administrator can manage the features that require authorized access through the UI features. Two actions are available for each feature: Edit Permission and Edit JSON .

adminui-uifeatures

Edit Permission

When it comes to editing permissions, there are three crucial aspects to consider:

  • Global Enablement: This setting enables the functionality for all users by default, excluding those specified in the "Exclude Users" list.
  • Include Users: These are the users who are allowed to access the specific function.
  • Exclude Users: This category comprises users who are explicitly denied access to the function.

adminui-uifeatures-edit_permission

Edit JSON

Each feature has its own unique characteristics and administrators have the right to fine-tune the configuration.

Warning

Before making any changes, it's crucial to be fully informed. It's recommended to back up the current configuration beforehand. After saving the settings, the instance will require a restart to apply the changes.

User Authentication (userProvider)

Supported Versions

Chemotion ELNProtocol/Services
1.6 and afterOIDC, shibboleth

Setting

Once the settings have been saved, the ELN service requires a restart to apply the changes.

Configuration example:

{
  extra_rules: {
enable: false,
disable_signup: true,    
disable_db_login: false  
},  
shibboleth: { 
enable: false,
uid: 'pairwise-id',
email: 'mail',
last_name: 'sn',
first_name: 'givenName'
},
openid_connect: {
enable: true,
host: "oidc.address.edu",
icon: "path/to/image.png",
issuer: "https://oidc.address.edu/path/to/issuer",
scheme: "https",
client_id: "myClientID",
redirect_uri: "https://your.chemotion_eln.address.edu/users/auth/openid_connect/callback",
client_secret: "secret",
token_endpoint: "/oauth2/token",
authorization_endpoint: "/oauth2/auth"
},
github: {
enable: false
client_id: null
client_secret: null
}
}

OIDC Parameters

ParameterValue
enabletrue or false
hostaddress of the service
iconpath to a public image to display on the sign-in page
issuerURL of the issuer
scheme'https'
client_idclient ID
redirect_uriyour Chemotion ELN URL + '/users/auth/openid_connect/callback'
client_secretsecret
token_endpoint'/oauth2/token'
authorization_endpoint'/oauth2/auth'

Shibboleth Parameters

ParametersValue
enabletrue or false
uid'pairwise-id'
email'mail'
last_name'sn'
first_name'givenName'

Extra Rules Parameters

ParametersValue
enabletrue or false
disable_signuptrue or false
disable_db_logintrue or false (Please make sure the system has an administrator account that can log in via third-party credentials before disabling DB login.)