LGTM Enterprise 1.22

Increasing access to LGTM

When you set up a new instance of LGTM, by default it allows access only to authenticated users. There is:

  • No access to the site for unauthenticated users.
  • No option for users to register for an LGTM account.

The default values are appropriate for most organizations. However, if required, you can edit these settings using the Settings administration page.

For detailed information about user accounts and how they're managed, see Managing users.

Allowing unauthenticated access to LGTM

By default, the site is not available to users who haven't authenticated.

To allow "anonymous" users access to the site:

  1. Display the General settings tab of the Settings administration page.
  2. In the Access section, clear the Login required check box.
  3. Click Update access settings.

The site is now visible to anyone who has browser access to the server that hosts the LGTM web app. These users can see full details of any projects that are "public" for all logged-in users, and they can access the built-in user help. By default, they have restricted access to the other, "private" projects. For information about project access, see Controlling access to content.

Enabling self-registration

By default, LGTM Enterprise is configured so that only an application administrator can create a new LGTM-managed account. Optionally, you can allow users to create their own LGTM account.

To allow users to self-register an LGTM account:

  1. Display the General settings tab of the Settings administration page.
  2. In the Access section, select the Account registration allowed check box.
  3. Click Update access settings.

When account registration is enabled, unauthenticated users see an option to register an account. When a user self-registers, the new account is added to the Users administration page. Self-registered users can see full details of any projects that are "public" for all logged-in users, and they can access the built-in user help. By default, they have restricted access to the other, "private" projects. For information about project access, see Controlling access to content.

Additionally, when you enable account registration, users who can already log in using an external authentication provider can set up an alternative login that uses an email address and password.

If you allow people to create their own accounts you should consider specifying acceptable email domains in the global login whitelist. This limits the email addresses that people can use for a self-registered account. See Restricting access to LGTM.

Related topicsRelated topics