Table of Contents
Authentication providers
Starting with version 0.8, Prosody supports authentication provider plugins. These can either use Prosody's built-in storage drivers (e.g. to use a custom format for account data), or they can integrate with external storage and authentication APIs.
Selecting a provider
A provider can be selected with the “authentication” option. This can be set globally and/or per-host.
authentication = "internal_plain" -- Default
Providers
| Name | Description |
|---|---|
| internal_plain | Plaintext passwords stored using built-in storage |
| internal_hashed | Hashed passwords stored using built-in storage |
| cyrus | Cyrus SASL integration (LDAP, PAM, …) |
| anonymous | SASL 'ANONYMOUS' mechanism, random username, requires no credentials |
There are also a number of additional providers in our prosody-modules repository. These modules are developed by the Prosody team and community, and may be at different stages of development. Please read the documentation before installing and using these modules.
| Name | Description |
|---|---|
| external | Delegate authentication to an external process or script |
| internal_yubikey | Secure two-factor YubiKey authentication |
| ldap | Authenticate users against an LDAP directory |
| dovecot | Dovecot authentication module |
| sql | Authentication via SQL Database |