Dittofeed offers three “Auth Modes”, each of which varies in its level of flexibility and ease of use. The three modes are:

  • Anonymous: No authentication is required to access the Dittofeed Dashboard or API.
  • Single Tenant: A minimalistic authentication setup that allows you to create a single, shared, password protected user account for your Dittofeed instance.
  • Multi Tenant: A more complex authentication setup that allows you to integrate with any OIDC compliant identity provider. This allows for multiple users to access your Dittofeed instance, each with their own credentials.

Anonymous

This is the default auth mode for Dittofeed. It requires no configuration and works out of the box. It is not recommended for production use, but is useful for testing and development. This auth mode is visible in our demo instance.

Single Tenant

A minimalistic authentication setup that allows you to create a single, shared, password protected user account for your Dittofeed instance.

Currently the single-tenant auth mode is only available with dittofeed-lite.

This setup can be configured by provide the following environment variables to Dittofeed:

AUTH_MODE='single-tenant'
# to be shared among users accessing the dashboard
PASSWORD=<your-password>
# used to secure user sessions
SECRET_KEY=<your-secret-key>

The SECRET_KEY should be a 32 byte string. You can generate one using the following script,

const crypto = require('crypto');

function generateSecretKey(bytes = 32) {
  const buffer = crypto.randomBytes(bytes);  // Generate 32 random bytes
  return buffer.toString('base64');  
}

randomString = generateSecretKey();

console.log(randomString);  // This will be a 64-character hexadecimal string

Single Tenant is the default auth mode for Dittofeed’s Render deployment.

Multi Tenant

The Multi Tenant auth mode is a more complex authentication setup that allows you to integrate with any OIDC compliant identity provider e.g. auth0. This allows for multiple users to access your Dittofeed instance, each with their own credentials. This is the default authentication mode in Dittofeed Cloud.

We provide this auth mode in our cloud by using a proxy server, in our kubernetes cluster. Access to the kubernetes resources to set this up on your own are available on request. This is not something we recommend for most self-hosted deployments, due to the complexity of the setup.

Self-Host with AWS CloudformationUpgrading from v0.18.1 to v0.19.0