Using this configuration in production is not secure and strongly discouraged.

Deploying Keep without authentication is the quickest way to get up and running, ideal for local development or internal tools where security is not a concern.

Setup Instructions

Either if you use docker-compose, kubernetes, openshift or any other deployment method, add the following environment variable:

# Frontend
AUTH_TYPE=NOAUTH

# Backend
AUTH_TYPE=NOAUTH

Implications

With AUTH_TYPE=NOAUTH:

  • Keep won’t show any login page and will let you consume APIs without authentication.
  • Keep will use a JWT with “keep” as the tenant id, but will not validate it.
  • Any API key provided in the x-api-key header will be accepted without validation.

This configuration essentially bypasses all authentication checks, making it unsuitable for production environments where security is a concern.

OverviewDB Authentication