From 9eaa616d5dfb1f76ffdd0e46d5df08d9f9ff854b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=81ukasz=20Mierzwa?= Date: Thu, 26 Sep 2019 20:24:20 +0100 Subject: [PATCH] fix(docs): update docs to mention basic auth handling --- docs/CONFIGURATION.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/CONFIGURATION.md b/docs/CONFIGURATION.md index 3e0844f8f..562e0b98c 100644 --- a/docs/CONFIGURATION.md +++ b/docs/CONFIGURATION.md @@ -69,10 +69,10 @@ alertmanager: (`https://user:password@alertmanager.example.com`) and you don't want it to be visible to users then ensure `proxy: true` is also set in order to avoid leaking auth information to the browser. - Without proxy mode full URI needs to be passed to karma web UI code. - With proxy mode all requests will be routed via karma HTTP server and since - karma has full URI in the config it only needs Alertmanager name in that - request. + Note: if URI contains username and password and proxy option is NOT enabled + (see below), then the username & password information will be stripped from + the URI and `Authorization` header using Basic Auth will be set for all + in browser requests. To set a different URI for all browser requests (can be any valid URI) see `external_uri` option below. - `external_uri` - base URI of this Alertmanager server used for all browser