Default Admin User

The default admin user owns the organization and has admin rights to every workspace in the Tracecat deployment.

There are two ways the default admin user is created:

  • If basic auth is enabled, the default admin user is created from the email and password provided in the environment variables.
  • If OAuth or SAML SSO is enabled, the default admin user is assigned to the first user that logs into the Tracecat instance.

Authentication Methods

In production, use OAuth or SAML SSO. Basic auth is meant for local development only.

Tracecat currently supports the following authentication methods:

  • basic: Email and Password
  • google_oauth: Google OAuth
  • sso: SAML SSO

Choose from a number of authentication methods listed below to get started.

Basic Auth

Email and password authentication.

Google OAuth

Learn how to authenticate into Tracecat using Google OAuth.

SAML SSO

Learn how to authenticate into Tracecat using SAML SSO.

Enable / Disable Authentication Methods

You can enable / disable multiple authentication methods in the .env file by modifying the TRACECAT__AUTH_TYPES environment variable. TRACECAT__AUTH_TYPES is a comma separated list of auth method keys: i.e. basic, google_oauth, sso.

TRACECAT__AUTH_TYPES=basic,google_oauth,sso
AWS ECS FargateBasic Auth