I’ve been running Oxdized for a couple of years now and well integrated with LibreNMS. Can someone point me to where I can configure it so that I can have some sort of authentication when I go to http://x.x.x.x:8888/nodes
At the moment when I go to the URL it goes directly to the nodes list and anyone who know this URL within our network can access the configuration of all device I have. I’ve got IOS, NXOS, Vyatta, pfsense and procurve devices all backed up by Oxidised
Thanks for the help
You can avoid that by making oxidized-web binding to localhost only.
Thanks @sorano. Is there a document you can point me to so I can go through to do that ?
Let me know
Yes.
Ive been to that link and doesnt show anything about configuring Oxidized web interface using any native authentication
Lol… Come on. I never wrote anything about authentication…
Can’t you solve this basic problem on your own and want me deliver a solution on a silver platter? 
If your problem is that the oxidized-web is reachable for everyone on your network I can think of quite a few workarounds to that.
The no brainer one would obviously be to use a firewall to limit access.
Another option would be binding on localhost then use a reverse proxy that limits access.
Thanks. Got it sorted
how did you sorted that out?
i have the same exact situation but i can’t find anything.
Oxidize doesn’t have any idea of user’s let alone permissions not even remotely able to be linked to SAML
Put it behind .htpasswd or whatever. Oxidized doesn’t have any native authentication but that doesn’t mean you can’t use workarounds to protect the webui.