From 9808ff64e77a00a4b6720d7ef9745200eb6bcd37 Mon Sep 17 00:00:00 2001 From: reidprichard <66481248+reidprichard@users.noreply.github.com> Date: Mon, 3 Jun 2024 13:53:59 -0400 Subject: [PATCH] Update authentication.md to note port 8080 vs 5000 (#11722) * Update authentication.md to note port 8080 vs 5000 * Update docs/docs/configuration/authentication.md Co-authored-by: Nicolas Mowen --------- Co-authored-by: Nicolas Mowen --- docs/docs/configuration/authentication.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docs/docs/configuration/authentication.md b/docs/docs/configuration/authentication.md index f34ae45d9..5b8289bf0 100644 --- a/docs/docs/configuration/authentication.md +++ b/docs/docs/configuration/authentication.md @@ -14,6 +14,13 @@ Frigate supports two modes for authentication | `native` | (default) Use this mode if you don't implement authentication with a proxy in front of Frigate. | | `proxy` | Use this mode if you have an existing proxy for authentication. Supports passing authenticated user downstream to Frigate for role-based authorization (future implementation). | +The following ports are used to access the Frigate webUI + +| Port | Description | +| ------ | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `8080` | Authenticated UI and API access without TLS. Reverse proxies should use this port. | +| `5000` | Internal unauthenticated UI and API access. Access to this port should be limited. Intended to be used within the docker network for services that integrate with Frigate. | + ### Native mode Frigate stores user information in its database. Password hashes are generated using industry standard PBKDF2-SHA256 with 600,000 iterations. Upon successful login, a JWT token is issued with an expiration date and set as a cookie. The cookie is refreshed as needed automatically. This JWT token can also be passed in the Authorization header as a bearer token.