How can I restrict access on my self-hosted instance to internal users?
If you expose your self-hosted Langfuse instance to the public internet, you may want to restrict access to only internal users.
Recommended ways to restrict access:
- Disable email/password authentication (
AUTH_DISABLE_USERNAME_PASSWORD=true
) - Use an authentication provider supported by Langfuse, such as Google, GitHub, Okta, Auth0. See docs for details.
- Configure your authentication provider to restrict access to only internal users.
Optional: Restrict organization creation
You can rely on an allowlist of Organization Creators to restrict who can create new organizations. See docs for details.