5 Authentication

Default authentication

By default, Zabbix uses internal Zabbix authentication for all users. It is possible to change the default method to LDAP system-wide or enable LDAP authentication only for specific user groups.

To set LDAP as default authentication method for all users, navigate to the LDAP tab and configure authentication parameters, then return to the Authentication tab and switch Default authentication selector to LDAP.

and SAML 2.0 authentication methods can be used in addition to the default authentication method.

Configuration

The Authentication tab allows to set the default authentication method, specify a group for deprovisioned users and set password complexity requirements for Zabbix users.

Configuration parameters:

Changes in password complexity requirements will not affect existing user passwords, but if an existing user chooses to change a password, the new password will have to meet current requirements. A hint with the list of requirements will be displayed next to the Password field in the user profile and in the accessible from the Users → Users menu.