OHDSI Home | Forums | Wiki | Github

Adding security in Atlas


As Atlas at my end is all up and running, and I checked the security configuration document too at http://www.ohdsi.org/web/wiki/doku.php?id=documentation:software:webapi:basic_security which says do not use this in production environment.

can someone please help me understand and let me know on how can we add security for Atlas once it will be deployed into production.
@Ajit_Londhe @Chris_Knoll
No response received so tagging you guys :slight_smile:

Thank You

Sorry @ambuj, I don’t know much about security in Atlas. Along with Chris, tagging @anthonysena, @pavgra

Same here, someone with direct experience with setting it up should be able to help you.

Which security provider are you going to use? (e.g. Active Directory, LDAP, custom DB)

I will prefer to use Active Directory or LDAP.

Hello Pavel,

Is there any update on security part? or such things is yet to be developed?


Both AD and LDAP are supported by Atlas. Example of configuring AD is below (passed as mvn parameters; could be set as environment vars):


Hi @ambuj - we’ve done some work to update the WebAPI documentation and we’ve moved it to GitHub. The security guide is now found here:

In your original post, you noted: the basic security setup guide says do not use this in production environment. The reason for that is: the basic security setup guide walks through setting up a dedicated database for storing user identifiers and encrypted passwords for use with ATLAS. Storing both the user identifiers and passwords (even encrypted) together is a bad security practice. The updated security guide referenced above provides guidance for setting up both WebAPI and ATLAS to use enterprise grade authentication mechanisms such as Active Directory.

This did not work for me. The username and password are actual AD admin username and passowrd.
If yes, Is it secure if its in clear text?
Do we have to add any settings in Atlas config-local.js or it will automatically recognize it?
Can you provide sample setting.xml and config-local.js for the AD settings?


I created an openssl certificate to add SSL/TLS for Atlas over tomcat server and added the connector port details in tomcat’s server.xml using port 443.
When I try to open https://localhost/WebAPI/source/sources, I get error 401.

I have added details of my settings.xml, server.xml, screenshot for WebAPI and Atlas in following post.

I haven’t received any response there , so posting it here.
Please help.


@Chris_Knoll @pavgra
Hello Guys,

Basic security implementation works like a charm, now I am planning to integrate Active Directory with Atlas.
Please let me know if the steps I wrote down below are correct:

  1. Update settings.xml using the AD parameters
  2. Build WebAPI.war file
  3. Update app.js file to show Active Directory login box
  4. Open Atlas
  5. Go to Configuration/ Import LDAP/AD
  6. Test Connection

Is that all? Or something else I need to keep in mind while integrating AD with Atlas.


We are eager to implement this also.

@ambuj were you able to implement LDAP successfully? if Yes, can you provide more information on steps for implementation.

I have configured Atlas for AD integration,
Steps you can follow to configure it :

  1. You need to specify the AD parameters required in settings.xml, Compile WebAPI
  2. Configure config-local.js under Atlas\js directory to pull the Active Directory login box in Sign In
  3. Configure app.js to include only Active directory login
  4. Once WenAPI.war is deployed, open Atlas- Click sign in and login with the Active directory credentials,

Hope it helps.

Can you share more details on step 1 and step 3? I tried steps 1 through 4, I am getting permission denied and following error:

Hi Ambuj,

I need your help to configure the AD for Atlas .
Could you please share the detailed steps ??
I am getting below issue while setting ldap/Ad