Skip to main content
Skip table of contents

Enabling Authentication Providers via the SiteConfig API

XNAT Administrators who are using the XNAT LDAP Authentication Plugin or the XNAT OAuth Plugin to add authentication providers may want to make use of the XNAT API to manage those providers. This is done via the SiteConfig API, as follows.

You must have valid user credentials for an XNAT user with site administration privileges to use these API endpoints. This guidance also uses the 'httpie' cURL replacement tool, and assumes an authenticated user session named "admin". Curl calls can be substituted, or you can access these calls via the Swagger UI.

Retrieving Enabled Providers

You can get a list of enabled authentication providers in XNAT by performing a GET to the following URI: /xapi/siteConfig/enabledProviders

By default, an XNAT will return an array with only one value:


This is the name for XNAT's local database provider. If you want to preserve the ability to log in with local admin credentials, this should always be included in the provider list.

Setting Enabled Providers

If you want to add a new configured provider to this list, you can post that list like so:

$ http --session=admin --body --verify=no POST <<< '["localdb", "xnatldap"]' 

Note that your list must be a stringified array, including the brackets.

Removing a provider is as easy as posting a modified list.

$ http --session=admin --verify=no POST <<< '["localdb"]'
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.