Configuration: CWS Settings

About the Page

The Configuration: CWS Settings page gives you the ability to configure how users access the web server. You can configure certain options such as restricting access to admins or permitting only specific OpenVPN user interfaces the ability to access the web server.

Configure CWS Access

This section gives you the ability to provide users with access to the Client Web Server (CWS) where they can download clients or profiles for their VPN connections. By default, Restrict Client Web Server access to Access Server administrators is set to No. This allows users to sign in to the Client Web UI and access the CWS. Change this to Yes and only users defined as administrators have access.

Note: This doesn’t prevent access using the XML-RPC/REST API. The next section covers that.


The configurations within this section allow you to control access using the API with the following options:

  • Disable API: Prevent users or clients from accessing the web server using the API.
  • Enable limited API: Allow clients to access the server with a limited API, which will work for most cases requiring programmatic interaction between the CWS and other software.
  • Enable complete API: This setting is only necessary if you wish to fully control Access Server via a custom API client.

Customize Client Web Server UI

With these configuration options, you can determine what users see on the CWS. You can display all or only select, available downloads/profiles. For instance, if you don’t want users to download their own profiles, hide user-locked profiles.

By default, OpenVPN Connect v3 desktop downloads display, and OpenVPN Connect v2 downloads are hidden.


The Configuration: CWS Settings page gives you the ability to configure access to the Client Web Server. It also gives you configuration settings for what displays on the page once a user successfully signs in.