User Authentication Types

The "Authentication Type" setting on a user controls exactly how that user can authenticate to Files.com.

Available Options

Email Signup

When you create a new user and choose Email Signup for the authentication type, an email will be sent to the new user with a link for them to create their password.

Once the user has created their password, their authentication type will change to Password. Any users listed with Email Signup in the users table have not yet configured their password.

Password

Users will log in using a password. Additionally, they may use API keys, or an SFTP key to log in via SFTP.

Imported hash

This method is typically used for importing users from a legacy or on-premise system. With this method, you provide a hash of the password rather than the password itself when initially adding or importing the user.

Supported hashes are MD5, SHA1, and SHA256. There is no need to specify the hash function used, as it will be auto-detected.

Imported hashes will be converted into Files.com's internal password storage format (based on PKCS5 / PBKDF2) upon first use by the user.

None (except SSH and API keys)

User may not log in at all, however they may use API keys, or an SFTP key to log in via SFTP.

SSO Provider

User will log in using Single Sign On. Additionally, they may use API keys, or an SFTP key to log in via SFTP. The only SSO providers that are supported using a direct password via FTP, SFTP, and WebDAV are Active Directory and LDAP. The rest require the user to set up an API or SFTP key in order to use one of these protocols.

Disabling a User Entirely Requires Another Setting

Users are always able to use API keys, or an SFTP key to log in via SFTP, regardless of the value of their Authentication Type setting.

To fully prevent a user from being able to perform any actions, even via an API or SFTP key, you can disable the user using the UI or API/SDK.