Skip to content

Overview

"Remote User" user authentication method is conventional, which means there are some conventions on how to set it up - but no standards around it.

The general approach is that there is another application "placed in front" of Papermerge DMS which takes care of authentication, registration, passwords, 2FA etc. In our case it will be Authelia.

Papermerge DMS will receive only information about already authenticated users via HTTP headers. The name of respective headers usually starts with "Remote", hence the name "Remote User" authentication.

Authelia Papermerge

With this approach there is no more Papermerge DMS own login view. Authelia takes over entirely login screen part as well. In other words Papermerge DMS does not participate in authentication process at all, it will just receive the ready user ID (plus some extra info) via HTTP header.

While it is very easy to conceptualize, it is actually tricky to setup. Next section will detail into specifics.