Active Directory Authentication

Seq supports integration with Active Directory, simplifying user account and credential management.

📘

Active Directory authentication is not available when deploying Seq to Docker/Linux.

To enable Active Directory authentication, choose the Active Directory authentication provider, and specify a domain account when enabling the first administrative user.

Generate a Recovery Key

See the Recovery Keys topic for instructions for generating a recovery key, which can be used to easily reset authentication or update an expired client secret if access to the Seq UI is lost.

Switching to Active Directory authentication

If you wish to enable Active Directory authentication on an existing instance, choose Settings > System > Authentication > Change.

Managing Active Directory users

With Active Directory authentication enabled, user accounts by default will still need to be added by a Seq administrator.

If you wish, you may permit all domain users to access Seq automatically by checking the Automatically provision user-level access option in Settings > System:

Usernames

Users must be configured and must log in with fully-qualified DOMAIN\user usernames in order to be authenticated against the corresponding AD account.

Troubleshooting

If you find Seq is unable to authenticate users, you may consider:

• The Seq Windows service must run as an account with permission to access the directory, either
  • A domain user account, or
  • LocalSystem on a machine that is joined to the domain in question
• Users need to provide a domain-qualified username (DOMAIN\user) when logging in

If you're having trouble, check that users from the directory can authenticate successfully on the Windows machine hosting Seq (it's not necessary that they have any permissions on this machine, only that their username/password can be authenticated at login).

Detailed error information can be found in the Seq log files.