Mission Control provides the user powerful access to your Presto deployment. Access restrictions to allow only authenticated and authorized users are important for successful usage.
Mission Control supports three authentication systems:
- built-in user management
- external LDAP providers such as Active Directory
- Google authentication
The user authentication systems are configured in the
property. The default is
INTERNAL. One or more types in the desired order,
separated by commas, are supported. Leaving the value empty disables
authentication, and is not recommended.
The internal authentication uses data stored in the backend database for access control and can be controlled with the user management section.
LDAP authentication for Mission Control has to be configured using the
ldap.* properties in the general config file.
You can use Google authentication, if your Mission Control server is available
at a URL using a full domain name, such as
The following steps describe how to activate this authentication in your Google cloud configuration.
- Go to your Google Cloud console at https://console.cloud.google.com.
- Select your project.
- Access the APIs & Services > OAuth consent screen.
- Select application type. Use internal app so that only users within your organization can authenticate.
- Add your domain name to the authorized domains list.
- Save and access APIs & Services > Credentials.
- Create credentials selecting OAuth client ID.
- Select Web application.
- Provide a name such as Mission Control and the full URL to Mission Control.
- Use the provided client id and client secret for the parameters
authentication.google.secretin your Mission Control general config file.
- Add the domain name of the Google accounts to allow, such as
authentication.google.hosted-domainin the config file.
- Restart Mission Control.
Now you can sign into Mission Control using your Google account.