Setting up the Security Policy - 8.0

Talend Administration Center User Guide

Talend Big Data
Talend Big Data Platform
Talend Data Fabric
Talend Data Integration
Talend Data Management Platform
Talend Data Services Platform
Talend ESB
Talend MDM Platform
Talend Real-Time Big Data Platform
Talend Administration Center
Administration and Monitoring
Last publication date

About this task

It is possible to store Source Code Management user credentials in either Talend Administration Center or Talend Studio. Also, the session expiration time can be set so that the user can be logged out from Talend Administration Center automatically after that time. A user with Security Administrator role can set these options in the Security Policy group on the Configuration page.

Note that it is recommended not to store passwords in the Talend Administration Center database but use LDAP or SSO providers for user management as a security best practice. To do so, you need to use LDAP or an Identity Provider for both Talend Administration Center and other third-party tools, for example, GIT. For more information, see the following topics:

If you do not have access to LDAP/SSO, make sure that the security policy configuration meets your security requirements.


  1. On the Menu tree view, click Configuration.
  2. Click the Security Policy group to display its parameters.
  3. In the SCM Policy list, select:
    • TAC (Deprecated) - the Git credentials will be managed in Talend Administration Center, and the data sent to Talend Studio.
    • Studio - the Git credentials will be managed in Talend Studio, and Git will not be visible on the Users and Configuration>LDAP group pages. Studio is selected by default.

      In the pop up window, you can choose to keep or delete the user credentials from the Talend Administration Center database. Talend Administration Center will not send the data to Talend Studio even if you select Keep credentials.

  4. In the Session lifetime(mins) field, enter the timeout value (in minutes) for the user to be logged out from Talend Administration Center if there is no activity in that period of time. The default value is 120.

    If SSO login is enabled, the user will be redirected to page configured in the Redirect URL on Logout field in the SSO group on Configuration page. For more information, see Enabling SSO.

  5. In the Personal Access Token enabled list, select true or false to enable Personal Access Token or not. The default value is false.
    When enabled, the Personal Access Token can be generated in the User settings page. The user token can be used as password by MetaServlet and other application connection, for example, Talend Studio, Talend Data Preparation, Talend Data Stewardship and so on, except the web login. For more information, see Changing user passwords.
    Note: After the user token is generated, if you change this option to false, all users' access token will be reset.