yujunjun/OpenMetadata
1
0
Fork 0
mirror of https://github.com/open-metadata/OpenMetadata.git synced 2025-08-01 05:36:58 +00:00
Code Issues Packages Projects Releases Wiki Activity
OpenMetadata/openmetadata-docs/content/v1.7.x/deployment/security/custom-oidc/kubernetes.md
Rounak Dhillon 174e6ed980
Docs: Meta Description Updation (#22376) 
Co-authored-by: “Rounak <“rounakpreet.d@deuexsolutions.com”>
2025-07-15 14:16:59 +00:00

1.3 KiB
Raw Permalink Blame History

title description slug collate
Custom OIDC SSO for Kubernetes | Official Documentation Configure a custom OIDC provider in Kubernetes to enable secure, token-based authentication with flexible identity management and access control. /deployment/security/custom-oidc/kubernetes false

Custom OIDC SSO for Kubernetes

Check the Helm information here.

Once the Client Id is generated, see the snippet below for an example of where to place the client id value and update the authorizer configurations in the values.yaml.

global:
  authorizer:
    className: "org.openmetadata.service.security.DefaultAuthorizer"
    containerRequestFilter: "org.openmetadata.service.security.JwtFilter"
    initialAdmins:
      - "user1"
      - "user2"
    principalDomain: "open-metadata.org"
  authentication:
    provider: "custom-oidc"
    publicKeys:
    - "{your domain}/api/v1/system/config/jwks" # Update with your Domain and Make sure this "/api/v1/system/config/jwks" is always configured to enable JWT tokens
    - "http://localhost:8080/realms/myrealm/protocol/openid-connect/certs"
    authority: "http://localhost:8080/realms/myrealm"
    clientId: "{Client ID}"
    callbackUrl: "http://localhost:8585/callback"

{% partial file="/v1.7/deployment/configure-ingestion.md" /%}