# Plain Login Setup > For the complete documentation index, see [llms.txt](https://docs.redpanda.com/llms.txt). Component-specific: [streaming-full.txt](https://docs.redpanda.com/streaming-full.txt) --- title: Plain Login Setup latest-redpanda-tag: v24.3.9 latest-console-tag: v3.7.3 latest-operator-version: v26.1.4 # EOL = End-of-Life (support lifecycle status) page-is-nearing-eol: "false" page-is-past-eol: "true" page-eol-date: December 3, 2025 latest-connect-version: 4.93.0 docname: config/security/plain page-component-name: streaming page-version: "24.3" page-component-version: "24.3" page-component-title: Streaming page-relative-src-path: config/security/plain.adoc page-edit-url: https://github.com/redpanda-data/docs/edit/v/24.3/modules/console/pages/config/security/plain.adoc description: Configure Redpanda Console with a plain login provider to allow your users to authenticate with a predefined username and password. page-git-created-date: "2024-09-11" page-git-modified-date: "2024-09-11" support-status: past end-of-life --- > 📝 **NOTE** > > This feature requires an [enterprise license](https://docs.redpanda.com/streaming/24.3/get-started/licensing/overview/). To get a trial license key or extend your trial period, [generate a new trial license key](https://redpanda.com/try-enterprise). To purchase a license, contact [Redpanda Sales](https://redpanda.com/upgrade). > > If Redpanda Console has enterprise features enabled and it cannot find a valid license either in its [local configuration](https://docs.redpanda.com/streaming/24.3/console/config/enterprise-license/) or in the [connected Redpanda cluster](https://docs.redpanda.com/streaming/24.3/get-started/licensing/add-license-redpanda/), it redirects you to the license expiration landing page, and all other access is restricted. Configuring Redpanda Console with a plain login provider allows your users to authenticate with a predefined username and password. Plain logins are the easiest way to set up a login-protected deployment of Redpanda Console. > ⚠️ **CAUTION** > > Plain logins are not secure. Use them only in development environments or for demo purposes. To configure a plain login provider, you must: 1. [Configure the plain login provider with user credentials](#configure-the-plain-login-provider-with-user-credentials). 2. [Define role-bindings for the users](#define-role-bindings). ## [](#configure-the-plain-login-provider-with-user-credentials)Configure the plain login provider with user credentials To configure the users' plain login credentials, add them to the `login.plain.credentials` setting in the [Redpanda Console Configuration](https://docs.redpanda.com/streaming/24.3/console/config/configure-console/). `redpanda-console-config.yaml` ```yaml login: enabled: true # jwtSecret is the secret key you must use to sign and encrypt the JSON # web token used to store user sessions. This secret key is # critical for the security of Redpanda Console's authentication and # authorization system. Use a long, complex key with a combination of # numbers, letters, and special characters. While you must use a minimum of # 10 characters, Redpanda recommends using more than 32 # characters. For additional security, use a different secret key for # each environment. jwtSecret can be securely generated with the following # command: LC_ALL=C tr -dc '[:alnum:]' < /dev/random | head -c32 # # If you update this secret key, any users who are # already logged into Redpanda Console will be logged out and will have # to log in again. jwtSecret: "" # useSecureCookies controls the storage of session cookies in Console. # Enabling this option ensures that session cookies are stored with the # secure attribute, allowing them to be sent only over HTTPS. # If you are not using SSL in your environment, you must # disable this setting. useSecureCookies: false plain: enabled: true # Credentials are username and password combinations that you can use to log in. # By default, each user has no permissions. You must bind a role to the user. credentials: - username: "jane" password: "some-other-secret-password" - username: "john" password: "some-secret-password" ``` > 📝 **NOTE** > > Disable the `useSecureCookies` option shown in the code snippet if Console is exposed using HTTP instead of HTTPS. ## [](#define-role-bindings)Define role-bindings By default, each user has no permissions. To give users permissions, you must bind a role to them. After you’ve configured the plain login provider, you can bind users to roles in the [Redpanda Console Role-Binding Configuration](https://docs.redpanda.com/streaming/24.3/console/config/security/authorization/). `role-bindings.yaml` ```yaml roleBindings: - metadata: name: Platform Ops subjects: - kind: user provider: Plain name: jane roleName: admin - metadata: name: Software Engineers subjects: - kind: user provider: Plain name: john roleName: editor ``` ## [](#next-steps)Next steps See [Authorization](https://docs.redpanda.com/streaming/24.3/console/config/security/authorization/) to learn more about managing user permissions with RBAC. ## [](#suggested-reading)Suggested reading - [Redpanda Console Configuration](https://docs.redpanda.com/streaming/24.3/console/config/configure-console/) - [Redpanda Console Role-Binding Configuration](https://docs.redpanda.com/streaming/24.3/console/config/security/authorization/) ## Suggested labs - [Enable Unified Identity with Azure Entra ID for Redpanda and Redpanda Console](https://docs.redpanda.com/labs/docker-compose/oidc/) [Search all labs](https://docs.redpanda.com/labs)