UI features
The administrator can manage the features that require authorized access through the UI features. Two actions are available for each feature: Edit Permission and Edit JSON .
Edit Permission
When it comes to editing permissions, there are three crucial aspects to consider:
- Global Enablement: This setting enables the functionality for all users by default, excluding those specified in the "Exclude Users" list.
- Include Users: These are the users who are allowed to access the specific function.
- Exclude Users: This category comprises users who are explicitly denied access to the function.
Edit JSON
Each feature has its own unique characteristics and administrators have the right to fine-tune the configuration.
Before making any changes, it's crucial to be fully informed. It's recommended to back up the current configuration beforehand. After saving the settings, the instance will require a restart to apply the changes.
Fast Create by CAS/SMILES (fastInput)
This feature allows administrators to enable or disable the FastInput creation of samples using CAS numbers or SMILES strings.
Supported Versions
- Chemotion ELN 2.1.1 and after
Setting
The system performs compound lookups using the CAS Common Chemistry API and the PubChem API. A valid CAS API key is required to access the CAS Common Chemistry API.
If no CAS API key is provided, the system will only utilize the PubChem API for lookups.
To apply for a CAS API key, visit: CAS Common Chemistry API.
To enable CAS Common Chemistry API, add your API key in the configuration as shown below:
{
cas_api_key: "your_cas_api_key_here"
}
User Authentication (userProvider)
This feature allows administrators to configure third-party authentication methods for user login, such as OpenID Connect (OIDC) and Shibboleth.
Supported Versions
| Chemotion ELN | Protocol/Services |
|---|---|
| 1.6 and after | OIDC, shibboleth |
Setting
Once the settings have been saved, the ELN service requires a restart to apply the changes.
Configuration example:
{
extra_rules: {
enable: false,
disable_signup: true,
disable_db_login: false
},
shibboleth: {
enable: false,
uid: 'pairwise-id',
email: 'mail',
last_name: 'sn',
first_name: 'givenName'
},
openid_connect: {
enable: true,
host: "oidc.address.edu",
icon: "path/to/image.png",
issuer: "https://oidc.address.edu/path/to/issuer",
scheme: "https",
client_id: "myClientID",
redirect_uri: "https://your.chemotion_eln.address.edu/users/auth/openid_connect/callback",
client_secret: "secret",
token_endpoint: "/oauth2/token",
authorization_endpoint: "/oauth2/auth"
},
github: {
enable: false
client_id: null
client_secret: null
}
}
OIDC Parameters
| Parameter | Value |
|---|---|
| enable | true or false |
| host | address of the service |
| icon | path to a public image to display on the sign-in page |
| issuer | URL of the issuer |
| scheme | 'https' |
| client_id | client ID |
| redirect_uri | your Chemotion ELN URL + '/users/auth/openid_connect/callback' |
| client_secret | secret |
| token_endpoint | '/oauth2/token' |
| authorization_endpoint | '/oauth2/auth' |
Shibboleth Parameters
| Parameters | Value |
|---|---|
| enable | true or false |
| uid | 'pairwise-id' |
| 'mail' | |
| last_name | 'sn' |
| first_name | 'givenName' |
Extra Rules Parameters
| Parameters | Value |
|---|---|
| enable | true or false |
| disable_signup | true or false |
| disable_db_login | true or false (Please make sure the system has an administrator account that can log in via third-party credentials before disabling DB login.) |