11 lines
No EOL
1 KiB
Text
11 lines
No EOL
1 KiB
Text
* **No-auth mode**: If you select **Basic Setup** in the [TUI](/tui), or your [OpenRAG `.env` file](/reference/configuration) doesn't include OAuth credentials, then the OpenRAG OpenSearch instance runs in no-auth mode.
|
|
|
|
This mode uses one anonymous JWT token for OpenSearch authentication.
|
|
There is no differentiation between users; all users that access your OpenRAG instance can access all documents uploaded to your knowledge base.
|
|
|
|
* **OAuth mode**: If you select **Advanced Setup** in the [TUI](/tui), or your [OpenRAG `.env` file](/reference/configuration) includes OAuth credentials, then the OpenRAG OpenSearch instance runs in OAuth mode.
|
|
|
|
This mode uses a unique JWT token for each OpenRAG user, and each document is tagged with user ownership.
|
|
Documents are filtered by user owner; users see only the documents that they uploaded or have access to through their cloud storage accounts.
|
|
|
|
To enable OAuth mode after initial setup, see [Ingest files with OAuth connectors](/ingestion#oauth-ingestion). |